Forum Discussion

Nimbostratus

May 25, 2011

IRule for Context-Specific ASM Error Page

I wrote a couple iRules to help provide some context to our users when they get dinged by the ASM. Basically, I wanted to pass in the URL of the page that generated the block, in addition to the "supp...

Cirrostratus

May 25, 2011

Hi Dan,

I haven't tested this, but could you use HTTP::respond from ASM_REQUEST_BLOCKING to replace the redirect?

when ASM_REQUEST_BLOCKING {
    set redirectTo "http://www.domain.com/not_found.htm?$asm_query_string"  
    HTTP::respond 302 Location $redirectTo
}

Also make sure to validate the query string on your PHP app which displays the error text. At a minimum you could HTML encode any text you display back to the user to avoid a XSS vulnerability.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

IRule for Context-Specific ASM Error Page

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Requirement for BIG-IQ VM Deployment in AWS

Can't change sync type or failover after tenant upgrade.

Cannot ping external interface

How can k8s CIS CRD VirtualServer reference existing APM Access profile?

F5 asm/awaf

Related Content

Error: read ECONNRESET error while using Postman for API calls after change to irule

iRULE regsub error

BIG-IP methods to Fix the “421 Misdirected Request” Error

iRules for 403 forbidden error

iRules Style Guide

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS