For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ibrahim_37929's avatar
ibrahim_37929
Icon for Nimbostratus rankNimbostratus
Oct 17, 2016

Security policy configuration problem

Hi I use ASM for my applications. After I saw false positives from security-> event logs-> application-> requests. I removed the ticks from security-> application security-> blocking-> settings Evasion technique detected -> bad unescape and HTTP protocol compliance failed-> Header name with no header value options. But after few days I took same errors from ASM. After I checked the blocking options, I saw the bad unescape and header name with no header value options are still chosen. This problem occured 4-5 times. I'm sure that I saved the policy and applied the changings to the policy. How can I solve the problem? My F5 version is 11.6.1hf 1.0.326 Thanks for your help.

 

application delivery
ASM Advanced WAF
BIG-IP
security

3 Replies

  • Jinshu's avatar
    Jinshu
    Icon for Cirrus rankCirrus
    Oct 17, 2016

    Did you choose the policy from the drop down list before you disable the evasion block settings? Are you still seeing it as enabled Security ›› Application Security : Blocking : Settings?

     

    -Jinshu

     

  • Erik_Novak's avatar
    Erik_Novak
    Icon for Employee rankEmployee
    Oct 17, 2016

    To reiterate Jinshu, make sure that you are editing the correct policy. If it still doesn't work, try [tmsh restart sys service asm] and see if that clears up the problem.

     

  • Erik_Novak's avatar
    Erik_Novak
    Icon for Employee rankEmployee
    Oct 17, 2016

    You will not lose any saved configuration data. You will lose any traffic in transit.