Forum Discussion

Cirrostratus

Nov 01, 2022

Microsoft SharePoint iApp

I have sharepoint running with ltm and asm, but I have faced many rejected requests with different violations. Mostly, attack signatures, illegal parameters, and illegal urls. The setup is normal wit...

application delivery

security

AubreyKingF5

Moderator

Nov 14, 2022

ASM (AWAF) should not be set up with everything on and in blocking. That's not how it works. With ASM, you want to develop a policy before putting it in blocking mode, if you can. The easiest way to do that is to develop a policy "in QA,' by sending ONLY good traffic at the VIP with the policy. Once you've sent a QA run at it, AWAF can learn all as good / expected traffic. At that point, you can put the policy in blocking mode on your production VIP.

The trickiest bit with Sharepoint is the dynamic URIs. I think there may be a pre-built policy for Sharepoint, if I'm not mistaken. What version are you on?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Microsoft SharePoint iApp

Recent Discussions

iRule to Change Default Pool (not redirect to another pool)?

What is the best practice for migrating from iseries to rseries?

iRule to Force Source IP to Specific Backend Node

checking the fan status on the device.

what is this serial number b1:e5:bd:8f:2x:58:xx:27 in device certificate?

Related Content

Microsoft SharePoint 2016 iApp template

Microsoft SharePoint 2013/2010 iApp template

Microsoft SharePoint and Microsoft Exchange December 2020 Security Update

Microsoft SharePoint Latest Update Summary (CVE-2020-1178, CVE-2020-1181)

Microsoft SharePoint Server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS