Forum Discussion
False positive upload image please help
I just simply uploaded an image that got blocked by WAF F5 (SaaS - AWS WAF F5 Web exploits).
I already contacted and worked closely with AWS support that they confirm is blocked by F5 rule.
Can you or anyone please help to fix this issue?
Log for failed upload file:
"terminatingRuleId":"eb2e863a-3067-4ea3-a440-4cefe77075c7","terminatingRuleType":"GROUP","action":"BLOCK","terminatingRuleMatchDetails":[],"httpSourceName":"ALB","httpSourceId":"XXXXXXXXXX","ruleGroupList":[{"ruleGroupId":"eb2e863a-3067-4ea3-a440-4cefe77075c7","terminatingRule":{"ruleId":"f7a9e257-c291-40e1-82f9-d00eefc191cf","action":"BLOCK", {"name":"Content-Length","value":"8072"}
- Erik_Novak
Employee
You might be able to create an allowed URL exception in the policy for uploaded JSON content by creating an allowed URL and then not inspecting body content. Try this:
- Go to Security ›› Application Security : URLs : Allowed URLs : Allowed HTTP URLs and create/add the URL that is associated with the uploaded JSON data. This is will be your allowed URL.
- Change the view to Advanced, then uncheck the Staging checkbox.
- Click Header-Based Content Profile
- Request Header Name: Content-Type
- Request Header Value: json/text--the value appropriate for your app
- Request body handling: Do nothing.
Does that help?