F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

smalex's avatar
smalex
Icon for Altostratus rankAltostratus
Jun 11, 2019

HTTP Compliance Exception

We have implemented ASM recently and one request was blocked because of content length being 0. Checked with application team and as per them that shouldn't be blocked. Is there a way to exclude a UR...
application delivery
ASM Advanced WAF
security
Niels_van_Sluis's avatar
Niels_van_Sluis
Icon for MVP rankMVP
Jun 12, 2019

It seems to be a global setting. I couldn't find a way within the configuration utility to make an exception. But you could use an iRule to create an exception. See the iRule below.

when ASM_REQUEST_DONE {
  set uri [HTTP::uri]
  foreach violation [ASM::violation names] {
      if { $uri starts_with "/login.php" && [ASM::violation count] < 2 } {
          if { [matchclass [ASM::violation attack_types] equals "ATTACK_TYPE_HTTP_REQUEST_SMUGGLING_ATTACK"] } {
              log local0. "Violation $violation detected for URI $uri, but allowed anyway."
              ASM::unblock
          }
      } else {
          # More than one violation, too dangerous to Unblock
          return
      }
  }
}