Forum Discussion
CirrostratusDespite correct wildcard URL, still getting suggestions
Hi all,
Running 11.5.1 HF10. So we have a web application where an applet is exchanging data via URLs such as /SvViewData, /SvExportToExcel, etc.. Because this is binary data, I need to disable parameter checking on these URLs or the ASM will complain it cannot read it.
I added a wildcard URL named '/Sv*' with all checking set to disabled. Images: https://i.imgur.com/6T38pOM.png https://i.imgur.com/zsjRR4b.png
However, I still get suggestions as you can see on the screenshot below. https://i.imgur.com/Oq4XSHx.png
Ideas? Thank you.
4 Replies
Hussein_Ghazy_3Nimbostratus
This is the URL Properties Tab https://i.imgur.com/6T38pOM.png Choose the next tab which is URL Parameters, create the parameter you want and either disable or allow specific Value Meta Characters or Attack Signatures.
Chris_GrantEmployee
If you want to disable the ASM for specific URLs it makes more sense to go to the Local Traffic Policy and tell the BigIP you want to disable ASM for specific URLs rather than passing to the ASM and trying to get the ASM to do this. This should help you get started: https://support.f5.com/kb/en-us/solutions/public/15000/000/sol15085
Also, as configured your ASM is looking for a header named Any with a value of Any, which is probably not what you want. You must use a specific header, not a wildcard in that field.
NiHo_202842@Hussein Ghazy: this is about blocking URLs in its entirety, not parameters.
KimihitoThe request hits HTTPS /SvViewData Somehow in your URL property page is not showing HTTP/HTTPS selector. Isn't it a case you configured the URL property for HTTP but the actual request is coming on HTTPS ?
