Forum Discussion

Sriram_Shanmuga's avatar
Icon for Altostratus rankAltostratus
Sep 20, 2018

JSON Parser Attack

Hi All,


I have enabled WAF policy in blocking mode and i could see the WAF is blocking. Client is using JSON scripts and its being blocked by WAF.


How to bypass the JSON parser attack .




2 Replies

  • I have enabled WAF policy and apply to a Virtual server in Transparent mode. When the user execute JSON script in Postman tool, they are thrown a support id.


    Is it an expected behavior from WAF ?


    Regaards RAM


  • OM's avatar
    Icon for Nimbostratus rankNimbostratus

    enabling WAF may block requests if you don't custom your policy according to your needs.

    if your json content has some special characters or any pattern that may match a signature, the request may get blocked.

    you can look at the logs and see what is the reason of the blocking.