Forum Discussion

Nimbostratus

Nov 12, 2013

Fileupload blocked by ASM-policy

Hello, we have a website for our customers to provide binary file upload. Sometimes this upload will be blocked by the security policy of this vip. The reason is for example a matching attack-signatu...

Andreas_6066

Nimbostratus

Dec 02, 2013

Update. One of our Webdeveloper forced our application to transfer all file Uploads in a base64-coding. This solved my problem, cause base64-content don't have the text-part that match the attack-signatures.

The size of the upload increased with this solution, but it's better to wait some time while transfering instead of no Transfer at all.

F5-Support couldn't solve this issue in a different way as the ones we already discussed.

schusb

Nimbostratus

Dec 06, 2018

We're facing the same problem. Are there any known solutions so far?

BIG-IP 13.1.0.6 Build 0.0.3 Point Release 6

I could think of setting a Header-Based Content Profile, where we use a "Request Body Handling" of "Do nothing" for the Content-Types of "application/octet-stream" and "application/pdf"

Whith this solution in place, is there only the binary file excluded from ASM- inspection?

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)