Forum Discussion
Security policy configuration problem
Hi I use ASM for my applications. After I saw false positives from security-> event logs-> application-> requests. I removed the ticks from security-> application security-> blocking-> settings Evasion technique detected -> bad unescape and HTTP protocol compliance failed-> Header name with no header value options. But after few days I took same errors from ASM. After I checked the blocking options, I saw the bad unescape and header name with no header value options are still chosen. This problem occured 4-5 times. I'm sure that I saved the policy and applied the changings to the policy. How can I solve the problem? My F5 version is 11.6.1hf 1.0.326 Thanks for your help.
3 Replies
- Jinshu
Cirrus
Did you choose the policy from the drop down list before you disable the evasion block settings? Are you still seeing it as enabled Security ›› Application Security : Blocking : Settings?
-Jinshu
- Erik_Novak
Employee
To reiterate Jinshu, make sure that you are editing the correct policy. If it still doesn't work, try [tmsh restart sys service asm] and see if that clears up the problem.
- Erik_Novak
Employee
You will not lose any saved configuration data. You will lose any traffic in transit.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com