Forum Discussion
vaibhavkumar-savkare
Jan 13, 2023Nimbostratus
F5 rules for AWS WAF: API Blocked Due to F5 Rule set
Hello,
We have WAF ACL "bl-prd-crm-acl" for our production workload.
One of our production api URL was got blocked due to this as it was due to F5 Rule. with error 403 forbidden.
Time Frame...
vaibhavkumar-savkare
Jan 27, 2023Nimbostratus
Hello,
I am checking with my team if I can share packet payload or not.
Till then can you please provide detailed documentaion for ruleid=rule_XSS_script_tag__Parameter__AllQueryArguments_Body
[{rulegroupid=F5#OWASP_Managed, terminatingrule={ruleid=rule_XSS_script_tag__Parameter__AllQueryArguments_Body, action=BLOCK, rulematchdetails=null}, nonterminatingmatchingrules=[], excludedrules=null}] |
- Leslie_HubertusJan 31, 2023Ret. Employee
This might be a question for Joel_Cohen.
- Joel_CohenFeb 01, 2023Employee
Hello,
The rule mentioned is related to cross-site scripting. Unlike traditional, full blown WAF security solutions, the content and detailed descriptions of F5 rules cannot be viewed.
If the rule was blocking legitimate traffic, you can disable it.
I hope this helps
Thanks
Joel
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects