Forum Discussion

m1k3_56519's avatar
m1k3_56519
Icon for Nimbostratus rankNimbostratus
17 years ago

exclude some paths from signature based ASM

Hello guys,     is it possible to exclude some paths from signature based ASM? For example I've enabled the ASM module for the host www.asm.com and I would like to exclude the path www.asm...
app sec
BIG-IP Access Policy Manager (APM)
security
Don_22992's avatar
Don_22992
Icon for Nimbostratus rankNimbostratus
17 years ago
I have the same issue, but was wondering if there are any examples of such a customized attack signature.

 

In the iRule forum, there are several threads on how to block access to certain pages of a virtual server. For example, we want to allow access to

 

http://my.domain.com/login

 

http://my.domain.com/report

 

etc...

 

 

...and want to block access to:

 

http://my.domain.com/webconsole

 

 

Several of the forums mention that to completely block undesired pages, ASM is a better tool to use. Specifically, it implies that ASM would be able to block several different forms of accessing the page maliciously, such as:

 

http://my.domain.com/%77%65%62%63%6F%6E%73%6F%6C%65

 

http://my.domain.com/report/../webconsole

 

etc...

 

 

Note that while /webconsole is used as an example, there is a set of such paths. Is there an ASM article to which I can refer that explains specifically how to create a custom ASM signature for this case?