Forum Discussion

Nacreous

Oct 10, 2013

False positive ASM block

ASM security policy blocking the request as it is detecting an attack in the content.ASM is blocking because of cross site scripting attack. Subscriber names are coming in HTTP request. eg.Shelly. AS...

Cory_50405

Noctilucent

Oct 10, 2013

Yep. Navigate to Application Security -> Parameters -> Parameters List and then select the policy you wish to edit. Create a new parameter, name it appropriately, and set it to a user-input value. Then at the bottom, click the attack signatures tab and select the signature that is incorrectly firing on the parameter and move it over to the overriden security policy settings pane. Ensure the dropdown for this signature says disabled.

This will disable the attack signature only for the specific parameter.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)