For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

uni's avatar
uni
Icon for Altocumulus rankAltocumulus
May 05, 2014

Scanning long requests

As described in sol14034, if I set EnableASMByPass to 1, and a request exceeds long_request_buffer_size, are the first (long_request_buffer_size) bytes scanned before bypassing the rest, or is none of the request scanned?

 

ASM Advanced WAF
security

1 Reply

  • samstep's avatar
    samstep
    Icon for Cirrocumulus rankCirrocumulus
    May 22, 2014

    Bypass means bypass - if the request is larger then long_request_buffer_size then ASM module (along with scanning the content using attack signatures) is bypassed - the traffic will not flow through ASM. So no bytes will be be scanned.

     

    However, you cany enable enable enforcement of RFC compliance, geolocation, and IP reputation for large requests that exceed the long_request_buffer_size using enforce_rfc_in_long_request variable - descibed in the same solution sol14034