Forum Discussion

Nimbostratus

Jan 21, 2009

exclude some paths from signature based ASM

Hello guys, is it possible to exclude some paths from signature based ASM? For example I've enabled the ASM module for the host www.asm.com and I would like to exclude the path www.asm...

app sec

BIG-IP Access Policy Manager (APM)

security

hoolio

Cirrostratus

Jan 22, 2009

Hi,

I think you'd need to create a second HTTP class with a URI filter for /admin and use a separate policy with customized attack signatures. You'd want to add the admin HTTP class at the top of the list of classes on the VIP to ensure /admin requests would match that class and all others would go to the default class and corresponding policy.

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

exclude some paths from signature based ASM

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

November Security Research Update: Newly Released Attack Signatures

NGINX App Protect v5 Signature Notifications

Cross Site Scripting (XSS) Exploit Paths

Community Learning Path: Multi-Cloud Networking

TMOS Version Update Paths

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS