F5 is not blocking Cross Site Script attack
Mr Shaggy,
From what you are describing, it looks like you have accepted "alert()" as a parameter in your policy? This means you have whitelisted it - this could be an issue you are experiencing... Please check if it is there by mistake.
Also:
A) Please check your staging from the Enforcement-Readiness Summary (used to be called Staging-Tightening Summary in older versions) - make sure your URLs/parameters are enforced.
B) Make sure that the XSS Signature set is assigned to the policy and is in Blocking mode.
C) Navigate to a URL which should be blocked, but is not blocking: e.g. /myurl/somefile.php?name=alert('xss')
Find this URL in your event log and inspect it for any raised violations - this should give a clue why it is not blocking.
Hope this helps, Sam