Hi

Question

I was getting false postives on f5 asm with violation post content length is 0.I had disabled that violation under http compliance violation in blocking settings.but the request is still getting blocked.the f5 version is 11.6.2 . should i disable the violation check : content length should be positive integer as well ?? I read asm ll block even if it is 0. Does that come under this violation or the post content length is 0 violation or are both related ?

erik_novak · Answer

First, if you disabled the violation for POST request with Content-Length: 0 then ASM should not be blocking any requests that contain a zero-length POST body. Make sure you click Save and Apply Policy after changing the blocking option. Second, the Content length should be a positive number violation is sort of related, in that it also checks the Content-Length header to ensure that it is at least 1. Either of these 0 values could indicate a response splitting attempt, or a denial of service attempt.

Forum Discussion

Hi

Recent Discussions

Need Urgent BIGIP Trial License and VM Image

APM for banner and cert

How to Renew F5 Device Certificate

UCS backup not loading Big IP DNS pool

XC Bot defense question

Related Content

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS