Forum Discussion

Jayson_Haxton_2

Icon for Nimbostratus rank

Nimbostratus

Aug 29, 2017

iRule to prevent XSS attack

How would I write an iRule to prevent an XSS attack on an HTTPS site.

Jayson_Haxton_2
Nimbostratus
Aug 29, 2017
I want to prevent someone from adding "%20was%20changed.%20Please,%2 0Visit%20Attacker.com%20because%20this%20page" to the URL.
Hannes_Rapp
Nimbostratus
Aug 29, 2017
Use ASM module which is meant for it. Going with iRule is fixing broken bones with band aids.

For mitigating XSS attacks executed via HTTP headers or HTTP URI, a LTM iRule solution would not be that bad. However, for complete mitigation, you also need to look for XSS attacks in POST payload. For that last scenario, a iRule solution is not feasible. It would cause significant degradation of your app performance.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming