Forum Discussion

Nimbostratus

Nov 10, 2008

How to allow Search Engine Robots/Slurps through ASM?

We have recently installed a pair of F56400s (v9.4.3) in front of our website with ASM in blocking mode. We are seeing and blocking loads of Non-RFC compliant request violations. Exami...

app sec

BIG-IP Access Policy Manager (APM)

security

dburnett_103851

Nimbostratus

Jan 28, 2009

Thanks for the posting.

As it now transpires that the 'Header Name with No Header Value' check actively protects against a HTTP Request Smuggling attack I've had no other choice but to re-enable the checks on our F5s.

However, this should now mean the Yahoo robots will start to be blocked again, so if there are other options to allow the slurps through, or to prevent HTTP Request Smuggling attacks whilst having the check turned off, I'd be glad to hear them

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

How to allow Search Engine Robots/Slurps through ASM?

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Search for pools with no members

Config Search

L3/4/DNS DDoS Reporting with Elastic Search and Kibana

How to search the latest security academic papers

In search of a security incident response system for the masses

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS