Forum Discussion

iranthawow's avatar
Icon for Nimbostratus rankNimbostratus
Apr 26, 2023

False Positive on AWS WAF F5 Managed Rule F5#OWASP.rule_SQL_INJ_SELECT_DATABASE____Parameter__AllQue



We have setup AWS WAF2 with F5 OWASP Subscription and currently getting some False Positive requests Blocks. We need support from F5support.

We recently enabled "F5-OWASP_Managed" rules set on a AWS WAFv2 and Once we did we started seeing a false positive for an API call with the following rule...

After some further investigation we discovered the rule is tripped when we make a request to export data to a CSV file.

Can you give us more background information on exactly what this rule is doing and how we should go about avoiding this false positive?