Forum Discussion

Nimbostratus

Jan 21, 2009

exclude some paths from signature based ASM

Hello guys, is it possible to exclude some paths from signature based ASM? For example I've enabled the ASM module for the host www.asm.com and I would like to exclude the path www.asm...

app sec

BIG-IP Access Policy Manager (APM)

security

hoolio

Cirrostratus

Jan 22, 2009

Hi,

I think you'd need to create a second HTTP class with a URI filter for /admin and use a separate policy with customized attack signatures. You'd want to add the admin HTTP class at the top of the list of classes on the VIP to ensure /admin requests would match that class and all others would go to the default class and corresponding policy.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

exclude some paths from signature based ASM

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

What happens if I activate only ASM without provisioning LTM?

Implement load balancing solution with constraints

How to Block Source IP for 24 Hours After TPS Violation (F5 DoS / iRule / SSL Proxy Setup)

VMware Horizon app and X-Forwarded-For

Migration of complete ucs file of BIGIP 2000 LTM to r5800 creating tenant/ Using Journey APP

Related Content

NGINX App Protect v5 Signature Notifications

Community Learning Path: Multi-Cloud Networking

Attempting the new path to BIG-IP Certified Administrator

F5 ASM/AWAF Preventing unauthorized users accessing admin path

Cross Site Scripting (XSS) Exploit Paths

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS