Forum Discussion

Nimbostratus

Apr 26, 2024

Open Redirection Mitigation

hello, ASM has a feature to mitigate the open redirection attacks when the redirect happens at the header level (i.e: with Location in response). When the redirection is within the payload response...

Daniel_Wolf
May 03, 2024
Hi OM,

if this it the request: "https://website.com/redirect.jsp?url=https://google.com"
Then url is a parameter and https://google.com is a parameter value. In ASM you can control which parameter values are allowed. Issue solved.

Sample config:

And the result:

KR
Daniel

spalande

Nacreous

Apr 30, 2024

Interesting. Did you already test this that if it isn't a HTTP redirect but could be HTML or javascript redirect from the payload, ASM doesn't block it?

I'm not sure if custom ASM signature can be built around this that might be checked with your account representative from F5. But this can be definitely blocked with custom iRule to scan the payload and allow only whitelisted redirect URL values.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Open Redirection Mitigation

Recent Discussions

Problem with lets encrypt and redirect after update

Should config via cli rather than gui?

Is a Dedicated Interface, VLAN, and Self IP Required for a VIP in an F5 Configuration?

question about getting hsl data to be formatted properly in splunk

iRule for client certificate verification and inserting CN

Related Content

AppWorld 2024 Call For Speakers open

Open redirect mitigation

Cyber Security Attack Mitigations with BIG-IP features

CitrixBleed Mitigation CVE-2023-4966

F5 Distributed Cloud L3-L7 DDoS Mitigation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS