Forum Discussion
CirrusHTTP protocol security within individual ASM profile
I am pretty new to ASM. I have a couple ASM policies in front of a few SharePoint Project Server 2013 farms. A couple farms are test and a couple are production. The production farm policies are in transparent mode. The test farm policies are in blocking. I started noticing parts of certain pages not loading on the test farm. I checked ASM and was able to confirm that legitimate traffic was being blocked. The block was for HTTP protocol compliance failed. The HTTP check was "POST request with Content-Length: 0". I can't explain why loading a page would cause a POST request. ASM suggested not checking for "POST request with Content-Length: 0". I accepted this change and applied it to the policy. This fixed my problem.
My question is where can I see that change specifically within the ASM policy. I know where I can see changes to the XML profile for a specific policy, but I couldn't find the equivalent for changes to HTTP compliance checks.
Thanks in advance.
1 Reply
cjuniorNacreous
Hi, Are you looking for the screen where the ASM disable this specific protocol compliance check?
If so, you can find it on the menu:v11.x: "Application Security > Blocking > Settings" then expand "HTTP protocol compliance failed" on the RFC violations section.
v12. and later: menu "Application Security > Policy Building > Learning and Blocking Settings" then expand "HTTP protocol compliance failed" section.
I hope it helps you.
