Forum Discussion

THE_BLUE's avatar
THE_BLUE
Icon for Cirrostratus rankCirrostratus
Nov 01, 2022

Microsoft SharePoint iApp

I have sharepoint running with ltm and asm, but I have faced many rejected requests with different violations. Mostly, attack signatures, illegal parameters, and illegal urls. The setup is normal with no iApp . So, is there any iApp for SharePoint? Will iApp fix this issue?

  • Hey THE_BLUE  - I see nobody has been able to answer your question, so I've asked one of my colleagues to drop into this thread with an assist. 

  • ASM (AWAF) should not be set up with everything on and in blocking. That's not how it works. With ASM, you want to develop a policy before putting it in blocking mode, if you can. The easiest way to do that is to develop a policy "in QA,' by sending ONLY good traffic at the VIP with the policy. Once you've sent a QA run at it, AWAF can learn all as good / expected traffic. At that point, you can put the policy in blocking mode on your production VIP.

    The trickiest bit with Sharepoint is the dynamic URIs. I think there may be a pre-built policy for Sharepoint, if I'm not mistaken. What version are you on?