Forum Discussion

Cirrus

Nov 11, 2020

"Illegal parameter value length" events when parameter is already at that value

Hi, The security policy is in transparent mode and when I enable block mode for site. The "Illegal parameter value length" logs are appearing in events request and the requested page is getting bloc...

Cirrus

Nov 16, 2020

Hi Erik,

The detected parameter values are odd numbers (Ex. 5674) and when I accept the suggestion then maximum value length will get change from 1000 to 10000. except than "ctl00" there is no new suggestion currently available in traffic learning.

As per recommendation in bug report, I have disabled the "Learn from responses" feature and now I am monitoring the web application traffic and will ignore the suggestions if the value is lesser than applied one.

Kindly suggest if any other recommendations please.

Regards,

Rahul

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

"Illegal parameter value length" events when parameter is already at that value

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

GRE Tunnel Issue

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Related Content

Diffie-Hellman "p" length 1024/2048 bits

Brute Force protection for single parameter like OTP

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

How can I add an "Illegal Header" in the Advanced WAF.

Wildcard Parameter signature attack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS