Forum Discussion

Nimbostratus

Dec 19, 2021

Log4j iRule mitigation as described in K59329043 - which encoding is the regex using ?

Hi Community, just for my understanding - can someone please clarify which encoding is being used in the regex with F5 release under K59329043 in order to mitigate log4j CVEs exploits ? I...

MVP

Dec 19, 2021

Hi ,

the regex will search for some possible variants and obfuscations of the well-known string that is used to exploit the log4shell vulnerability.

Paste the full string without the {} here: https://regex101.com/.

You will get an awesome explanation with syntax highlighting.

Daniel

L__G_
Altostratus
Jan 11, 2022
Hello

Another great site for regex visualisation : regexper.com

Copy paste the F5 regex without the {} and (?i).

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Log4j iRule mitigation as described in K59329043 - which encoding is the regex using ?

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Can F5 restrict the file types transferred via FTP?

Kerberos Authentication Failing for Exchange 2016 Behind F5 Cloud WAF

SFP Port LEDs Blinking Yellow

Upgrading F5 units configured as Active-Active without Traffic Groups behind Azure LB

Search for pools with no members

Related Content

Realtime DoS mitigation with VELOS BX520 Blade

Mitigating Log4j Vulnerability using F5 BIG-IP

F5 Distributed Cloud L3-L7 DDoS Mitigation

Mitigating OWASP API Security Risk: BOPLA using F5 BIG-IP

Mitigating OWASP API Security Risks: Broken Authentication using BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS