For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

kingsleykumar's avatar
kingsleykumar
Icon for Nimbostratus rankNimbostratus
Jul 21, 2025

F5 rules for AWS WAF

Hi, We are experiencing false positives with the WAF rule rule_ZmEu_Headers, part of the F5-Bots_Managed ruleset protecting our backend. Issue details: - Legitimate requests from our customers are ...
cloud
security
Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
Jul 22, 2025

The AWS WAF bot signatures by AWS or even F5 are limited as nowadays for Bots better use things like F5 XC Bot Defense that can even without F5 BIG-IP/Next or XC Customer Edge in AWS be added to the the app source code by just adding the javascript tag.

 

https://docs.cloud.f5.com/docs-v2/bot-defense/quickstarts/bot-defense-waap.

  • kingsleykumar's avatar
    kingsleykumar
    Icon for Nimbostratus rankNimbostratus
    Jul 23, 2025

    Thanks. Is there a place where I can find the version history of F5 signature updates? I believe a recent F5 bot signature update is causing issues and would like to confirm.