Forum Discussion

Nimbostratus

Jul 21, 2025

F5 rules for AWS WAF

Hi, We are experiencing false positives with the WAF rule rule_ZmEu_Headers, part of the F5-Bots_Managed ruleset protecting our backend. Issue details: - Legitimate requests from our customers are ...

f5-block-log.txt.zip3 KB

cloud

security

Nikoolayy1

MVP

Jul 22, 2025

The AWS WAF bot signatures by AWS or even F5 are limited as nowadays for Bots better use things like F5 XC Bot Defense that can even without F5 BIG-IP/Next or XC Customer Edge in AWS be added to the the app source code by just adding the javascript tag.

https://docs.cloud.f5.com/docs-v2/bot-defense/quickstarts/bot-defense-waap.

kingsleykumar
Nimbostratus
Jul 23, 2025
Thanks. Is there a place where I can find the version history of F5 signature updates? I believe a recent F5 bot signature update is causing issues and would like to confirm.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

F5 rules for AWS WAF

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

F5 DNS Logs in JSON Format

Geo location update

Help with an iRule to disconnect active connections to Pool Members that are "offline"

block a specific user

Related Content

F5 Rules for AWS WAF - Rule ID to Attack Type Reference

High Availability for F5 NGINX Instance Manager in AWS

F5 rules for AWS WAF Terraform

Using AWS CloudHSM with F5 BIG-IP

Living on the AWS Edge - BIG-IP on AWS Outposts

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS