Forum Discussion
marta_sl
Nimbostratus
NimbostratusFile upload and ASM
Hi, We have developed a web application for uploading videos. This web app is protected by our ASM module. However, when we attempt to upload a video larger than 10 MB, the ASM blocks the request an...
Bypass for an ASM policy better be done just for the violation with an irule as I see it as to not stop the ASM checks for urls , headers etc. and this way you are making a smaller security hole 😗. This is a nice example:
https://clouddocs.f5.com/api/irules/ASM__unblock.html
Other option that can be tested is Request Body Handling, select Do Nothing. under the url:
https://my.f5.com/manage/s/article/K32081491
What was mentioned till now are all good solutions.
marta_slNimbostratus
NimbostratusHi,
Thank you very much for your responses and advice. What if we disable the "Block action" for the "Request length exceeds defined buffer size" in the policy building settings? Do you think it may affect the performance of the hardware?
Hi marta_sl ,
no there is no impact on hardware or performance.
if you disabled it , it will not block the large files upload , but this will be applied in all urls or virtual server applied under this ASM policy.
So you have much varites :
> bypassing asm policy for specific url ( using irule , LTM policy )
> disablie ( learn , alarm , block ) for that violation.
> increasing request buffer size ( but this needs to monitor your system resources specially your memory consumption.
