Forum Discussion

Nimbostratus

Oct 03, 2013

How to tell ASM that a POST is valid?

Hi out there We have a webserver which is accessed through a F5 with LTM, APM & ASM - there has been implemented a function now where the customer can upload a file from there PC to the site This als...

rob_carr

Cirrocumulus

Oct 04, 2013

The Expected Request Length value is the length of the entire request, headers, request line and POST data included. The POST data length is just the payload of the request, so it should be slightly smaller.

You basically have two choices: monitor the length of requests and risk that valid requests will be blocked if they are out of range, or stop qualifying requests on the basis of length, and risk buffer overflow attacks.

You can enable learning on the Illegal POST Data Length and Illegal Request Length violations, examine requests that trigger these violations and then decide if there really is a case for relaxing the length restrictions, but you might block valid requests as part of the learning process.

Hope that helps.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)