Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Jun 12, 2017

evasion technique bad unescape false positive

Is it possible to remove this check on a specific application?

application delivery

ASM Advanced WAF

1 Reply

samstep
Cirrocumulus
Jun 14, 2017
Yes, of course it is possible to disable this violation in the policy. Do you have one ASM policy applied to several applications? in such case it is best to create a separate policy for your specific application (you can easily copy policies). However I suggest that you first understand the reason for false positive... usually it is either due to configured decoding rounds or the Referer header from a problematic webapp.

Some information is available in F5 Knowledge Base Article:

https://support.f5.com/csp/article/K7929

Hope this helps,

Sam

Welcome! a la Communidad DevCentral LATAM de F5!

LATAM Users Articles

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5