Forum Discussion

Cirrostratus

Mar 23, 2022

F5 ASM appears not blocking filetypes in http query

F5 v15.1.3.1 My F5 ASM policy is configured to block command executions and illegal file types but for example if I try to browse this url: https://my.web.site/netstat.exe Then ASM blocks the re...

Employee

Apr 09, 2022

In order to block the request, you can follow these steps:

1)_ Fix and use the REGEX : (([A-Za-z0-9_-]+)\.exe).*$
Tool: https://regex101.com/

2)_ Create Attack Signature List.
Security ›› Options : Application Security : Attack Signatures : Attack Signatures List

3)_ Create custom "Attack Signature Sets"
Security ›› Options : Application Security : Attack Signatures : Attack Signature Sets

4)_ Enforce the Signature in the policy

5)_ Test

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

F5 ASM appears not blocking filetypes in http query

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Service Extensions with SSL Orchestrator: Advanced Blocking Pages

Block IP after a number of ASM Blocks

Massive DDoS, DanaBot Dismantled, Scraped Discord Messages and Signal Blocks Windows Recall

Filetype detected incorrectly in ASM because of dot in URL

Block traffic

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS