For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Altocumulus rank

Altocumulus

Apr 10, 2019

How ASM can mitigate the web shell attacks?

I have found this doc https://devcentral.f5.com/articles/webshells

This is useful understanding how these attacks work, but not clear about how we exactly mitigate or if ASM need to be configured to achieve this mitigation.

Please suggests.

application delivery

ASM Advanced WAF

1 Reply

boneyard
MVP
Apr 13, 2019
that would be taken care of by the signature sets. these shells execute cat or ls or ... to look into passwd or other things. that is something attack signatures can detect very well.

but to be honest if you think there are web shells on your servers you might want to look into that first and get that solved.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5