Forum Discussion

Nimbostratus

Dec 15, 2023

Solved

F5 AWAF - bypass request based on the pressence of a request header - value

Hello, We work with a service provider that need to automatically perform requests to our website. However this request has some values that triggers waf signatures. We would like to bypass those...

security

Nikoolayy1
Dec 19, 2023
The irules are the way to go. Only for HTTP headers that have an ip addresses like X-Forwarded-For / Real Client IP you can make the WAF policy to use the ip address in the header and bypass the WAF by using the trusted IP addresses option.

Overview of the Trusted X-Forwarded-For header (f5.com)

Managing IP Address Exceptions (f5.com)

Nikoolayy1

MVP

Dec 15, 2023

You can use an irule and ASM::disable when the header is seen.

For an example see:

https://my.f5.com/manage/s/article/K22021244

https://clouddocs.f5.com/api/irules/ASM__disable.html

bfm
Nimbostratus
Dec 18, 2023
Hello,

Thanks for the help. I was trying to not use irules for this. Isn't there a way to whitelist based on a header using the graphical interface?

Thank you.
- Nikoolayy1
  MVP
  Dec 19, 2023
  The irules are the way to go. Only for HTTP headers that have an ip addresses like X-Forwarded-For / Real Client IP you can make the WAF policy to use the ip address in the header and bypass the WAF by using the trusted IP addresses option.
  
  Overview of the Trusted X-Forwarded-For header (f5.com)
  
  Managing IP Address Exceptions (f5.com)