False Positive on AWS WAF F5 Managed Rule F5#OWASP.rule_SQL_INJ_SELECT_DATABASE____Parameter__AllQue

Question

Hello&nbsp;We have setup AWS WAF2 with F5 OWASP Subscription and currently getting some False Positive requests Blocks. We need support from F5support.We recently enabled "F5-OWASP_Managed" rules set on a AWS WAFv2 and Once we did we started seeing a false positive for an API call with the following rule...F5#OWASP.rule_SQL_INJ_SELECT_DATABASE____Parameter__AllQueryArguments_BodyAfter some further investigation we discovered the rule is tripped when we make a request to export data to a CSV file.Can you give us more background information on exactly what this rule is doing and how we should go about avoiding this false positive?&nbsp;RegardsIrantha

leslie_hubertus · Answer

Hi&nbsp;iranthawow&nbsp;- I'm featuring your post in this week's Community Highlights article to try to boost visibility so someone will answer.&nbsp;

Forum Discussion

False Positive on AWS WAF F5 Managed Rule F5#OWASP.rule_SQL_INJ_SELECT_DATABASE__ParameterAllQue

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

Automating Certificate Management on F5 BIG-IP

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

Automating ACMEv2 Certificate Management on BIG-IP

F5 Distributed Cloud WAF AI/ML Model to Suppress False Positives

Managing Model Context Protocol in iRules - Part 3

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS