Forum Discussion

Nimbostratus

Sep 14, 2021

Drop request by body message

Hi, how can I block request for specific policy filtered by specific body message. For example this is body message (URL decoded): {"messageType":"Erro","messageVersion":"2.1.0","th...

ASM Advanced WAF

security

samstep

Cirrocumulus

Sep 14, 2021

You can achieve this in ASM by writing a custom Attack signature to look for whichever keywords you want and then set it to Block in your ASM policy.

https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/big-ip-asm-attack-and-bot-signatures-14-1-0/04.html

Tomislav
Nimbostratus
Sep 22, 2021
Hi,
I have created new signature but requests are still passing. Do you have any idea what I have configured wrong?

Kind Regards,
Tomislav Nagy

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Drop request by body message

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

Rate limiting WebSocket messages for Agents

Load Balancing TCP TLS Encrypted Syslog Messages

TSA Drops Shoes, IoT and Roundup

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

Performance optimalization of message based load balancing.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS