For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Yosi_373863's avatar
Yosi_373863
Icon for Nimbostratus rankNimbostratus
Oct 07, 2018

"F5 Rules for AWS WAF Web exploits" blocks client request with large body

After I added "F5 Rules for AWS WAF Web exploits" to our AWS load balancer Web ACL I started seeing that calls to one of our APIs are being blocked. This API is being used to allow users save their t...
application delivery
aws
F5 Rules for AWS WAF
Simon_Blakely's avatar
Simon_Blakely
Icon for Employee rankEmployee
Oct 14, 2018

As detailed in

 

K21015971: Overview of F5 RuleGroups for AWS WAF

 

the primary avenue of support for F5 RuleGroups for AWS WAF is AWS Support

 

F5 Rules for AWS WAF - Bot Protection Rules

 

Please contact AWS Support (https://aws.amazon.com/contact-us) for AWS WAF related assistance

 

AWS do have a channel for accessing F5 Support, and access into the violation information.

 

Otherwise, you need to post an example blocked request (at least the headers) that may provide some clues as to the sort of violation that is being triggered.

 

Is the Content-Type being correctly set as JSON?