Forum Discussion

Muhannad_64809's avatar
Muhannad_64809
Icon for Nimbostratus rankNimbostratus
Jul 09, 2017

Disable a specific ASM Attack Signatures checks for a specific IP address.

Dears,   Is it possible to disable a specific ASM Attack Signatures checks for a specific IP address, while keeping the check of the other signatures?   Regards, Muhannad  
ASM Advanced WAF
security
  • Ashwin_Venkat_1's avatar
    Ashwin_Venkat_1
    Jul 10, 2017

    Hello Muhannad,

     

    As far as my knowledge, we don't have a way to simply disable signature checks based on IP addresses. The best option I can think of is to configure these IP addresses as being Trusted Addresses within the policy, so we won't block any requests coming from these addresses. However, what this does is it won't block requests that encounter any violation in general (not just attack signatures that are getting triggered).

     

    Let me know if this answers your question.

     

Ashwin_Venkat_1's avatar
Ashwin_Venkat_1
Historic F5 Account
Jul 10, 2017

Hello Muhannad,

 

As far as my knowledge, we don't have a way to simply disable signature checks based on IP addresses. The best option I can think of is to configure these IP addresses as being Trusted Addresses within the policy, so we won't block any requests coming from these addresses. However, what this does is it won't block requests that encounter any violation in general (not just attack signatures that are getting triggered).

 

Let me know if this answers your question.

 

  • Muhannad_64809's avatar
    Muhannad_64809
    Icon for Nimbostratus rankNimbostratus
    Jul 21, 2017

    Dear Ashwin,

     

    I think your answer is very clear.

     

    Regards, Muhannad