Forum Discussion

Cirrostratus

Nov 06, 2017

Exchange behind ASM and XSS

Hi i want to know if enabling all "cross site scripting" signatures for exchange can cause false positive alerts/blocks? I want to enable it but afraid of too many false positive blocks. Exchange pub...

application delivery

ASM Advanced WAF

Hannes_Rapp

Nimbostratus

Nov 07, 2017

Can you specify what are those "default ASM templates" you have tried? The template policy you pick must match your application version. Config of a particular policy may work with one software version but not the other. Maybe this could be your problem? Also make sure you have updated to latest revision of ASM Attack Detection Signatures. ASM policy templates provided by F5 for popular applications like Exchange are generally vetted properly and should work out of box.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Exchange behind ASM and XSS

Tyler - May 2026 Featured Member

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

F5 Send email and snmp trap from LTM log event

shame on f5

Dynamic import of data groups

ASM allow specific url from outside country of geolocation ON

AWAF Detection Inconsistency Between Similar Test Payloads

Related Content

Equinix and F5 Distributed Cloud Services: Business Partner Application Exchanges

Exchange 2016

Technical Impacts of Open Banking and Financial Data Exchange on Financial Systems

Exchange 2019

File Uploads and ASM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS