Create test for block page on non-existent path

Question

Hello
I am trying to build an attack signature that will allow our team to visit a URL that does not exist on any of our websites to ensure the ASM is blocking for that site.  This will also be used to test changes to the Response pages.
Is there any known way to create an attack signature that will block traversal to a path that does not exist on the server?  This is the rudimentary testing signature that I put together from some documentation, but I don't seem to be getting the block\response page.
uricontent:"cmd.exe"; nocase; objonly;

Any help would be greatly appreciated.
Thanks.

iaine · Answer

Hi&nbsp;
Your custom signature looks good to block requests with cmd.exe in the path.  Is your signature still in staging and so therefore won't block the request?  Have you enforced the signature on your policy so that it blocks these requests?&nbsp;

Forum Discussion

Create test for block page on non-existent path

Recent Discussions

Oracle JDBC SSL Termination failing on F5

APM for banner and cert

An Irule for Client Ssl Profile that Allows Unassigned TLS Extension Values (17516)

How to Renew F5 Device Certificate

How to export a list of paired external service providers from APM?

Related Content

DNS NXDOMAIN Handler - No More Non-Existent Domain

Create a DevCentral account

Block IP after a number of ASM Blocks

Create F5 BIG-IP Next Instance on Proxmox Virtual Environment

Block traffic

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS