Evasion Techniques Blocking -Multiple decoding

Question

Evasion Techniques Blocking -Multiple decoding&nbsp;
We are getting genuine traffic blocked by ASM with the reason of possible Evasion Technique(Multiple Decoding).&nbsp;
We changed decoding passes from default to 5. Still it blocking.
Is there way to allow genuine traffic? 
What is the risk if we disable url normalization? or disable multidecoding viloation?
what is the correct process?&nbsp;
Many Thanks!&nbsp;

kash_276820 · Answer

Any answers please?&nbsp;

samstep · Answer

Examples of your requests which get blocked? difficult to understand what is going on without an example. This rule is known to produce false positives when % character is used, for example in password fields. In such cases % character can be allowed on specific parameter (e.g. password) as an excpetion without making policy less secure. If you disable the rule hackers can easily hide their attacks by encoding the payloads

Forum Discussion

Evasion Techniques Blocking -Multiple decoding

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

WAF evasion techniques for Command Injection

Mitigating new HTTP Request Smuggling techniques with BIG-IP ASM

Multiple Ways to Configure Usage Reporting in NGINX

Credential Stuffing Tools and Techniques

Block IP after a number of ASM Blocks

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS