Forum Discussion

Nimbostratus

Dec 31, 2015

Protection against XSS cross-scripting infinte attacks tries.

Dears, The F5 ASM is doing its job by blocking the XSS cross-scripting attacks and block the attack, this is done by the built-in signatures of the WAF. but i still able to keep trying my script...

ASM Advanced WAF

security

ltwagnon

Ret. Employee

Dec 31, 2015

Muhannad, here's an article on username and session tracking that might help you: https://devcentral.f5.com/articles/the-big-ip-application-security-manager-part-9-username-and-session-awareness-tracking

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

CIS

container ingress services

devops

Gateway Fabric

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Protection against XSS cross-scripting infinte attacks tries.

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Syslog server not visible in GUI

Same LTM Monitor applied to different Pools with Common Nodes

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Related Content

Cross Site Scripting (XSS) Exploit Paths

Mitigating OWASP Web Application Risk: Cross-Site Scripting (XSS) using F5 BIG-IP

L7 DoS Protection with NGINX App Protect DoS

Lightboard Lessons: OWASP Top 10 - Cross Site Scripting

F5 API Security: Discovery and Protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS