Forum Discussion

Cirrostratus

Nov 07, 2017

Exchange behind ASM and XSS

Hi i want to know if enabling all "cross site scripting" signatures for exchange can cause false positive alerts/blocks? I want to enable it but afraid of too many false positive blocks. Exchange pub...

application delivery

ASM Advanced WAF

Jad_Tabbara__J1

Cirrostratus

Nov 07, 2017

ASA Nuruddin,

My suggestion is to add the "Cross Site Scripting" Signatures and keep only "Learn" and "Alarm" checked. So you have to unchecked the "Block" action.

Keep this configuration 2 weeks for example and after that verify from the "Event Logs" if you got to much incidents. In this case you can fine tune your policy.

N.B: If the VS is exposed on the internet be sure to identify the authorized traffic and not accept malicious traffic.

Hope it helps

Regards

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Exchange behind ASM and XSS

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

SSL Bridging and FQDN rewrite Policy

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

Could not communicate with the system. Try to reload page.

F5 BIG IP laboratory license

F5 mssql health monitor failing

Related Content

Exchange 2016

F5 asm/awaf

Technical Impacts of Open Banking and Financial Data Exchange on Financial Systems

Exchange 2019

File Uploads and ASM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS