Forum Discussion

Cirrostratus

Sep 02, 2020

Header Based content profile

If i have form with Content-Type: multipart/form-data; boundary ................ that require file upload , when any file attached it is give attack signature detect. i have tried to add some ch...

Nacreous

Sep 07, 2020

Hi BLUE,

Yes, ASM does carries out certain checks on file upload : https://support.f5.com/csp/article/K01235989

Can you specify which signature attack is raised and its details ?

Regards

THE_BLUE

Cirrostratus

Sep 08, 2020

example :

"arp" execution attempt , but no detalis in payload related to files type.

but sometimes i can see in payload pdf , jpg and so on. something like encoding.

is there any change i have to apply under attack signature in learning and blocking settings?

how can i understand where ASM detect the attack ?

because sometimes i can not understand (only letters and characters ).

do i have to enable attack signature in policy based on server technologies or what ?

appreciate your help.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Header Based content profile

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Illigal Parameter addition as custom signature set wanted to Unblock

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

iRule to modify a content-security-policy header

WAF - URL advance option - header based content profiles

Layer 7 Content Routing in F5 XC

Invalid Content-Length header caused Big-IP to terminate connection?

DevCentral Content Highlights

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS