Forum Discussion
JSON Parser Attack
Hi All,
I have enabled WAF policy in blocking mode and i could see the WAF is blocking. Client is using JSON scripts and its being blocked by WAF.
How to bypass the JSON parser attack .
Thanks
- Sriram_ShanmugaAltostratus
I have enabled WAF policy and apply to a Virtual server in Transparent mode. When the user execute JSON script in Postman tool, they are thrown a support id.
Is it an expected behavior from WAF ?
Regaards RAM
- OMNimbostratus
enabling WAF may block requests if you don't custom your policy according to your needs.
if your json content has some special characters or any pattern that may match a signature, the request may get blocked.
you can look at the logs and see what is the reason of the blocking.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com