F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

MSZ's avatar
MSZ
Icon for Nimbostratus rankNimbostratus
Feb 24, 2016

Signature ID is required

Can anyone identify the signature ID's on WAF for the following cases?   Cross-Site Scripting: ReflectedCross-Site Scripting vulnerabilities were verified as executing code on the web application...
ASM Advanced WAF
BIG-IP
security
Chris_Grant's avatar
Chris_Grant
Icon for Employee rankEmployee
Mar 03, 2016

You are not likely to get an explicit answer to this question. For one thing, different versions of our code have different signature sets, and for another this list is constantly changing as our developers come out with new signatures to address new vulnerabilities.

 

Some of these are not defended against by attack signatures, but by properly configuring your ASM. Most of these are defended against by groups of signatures, not just a single signature. I would suggest reviewing the ASM implementation guide. If you need more assistance with setting your ASM up, F5 has professional services that can help you get this configured. We also have Silverline where we will host an ASM for you.

 

If you have are attempting to achieve a specific end, a more specific question may get you a more specific answer.