For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

davidfisher's avatar
davidfisher
Icon for Cirrus rankCirrus
Feb 24, 2022

Some help with irule to unblock ASM for URIs and matching signature

Hello Team F5! I wish to create irules to disable based on 3 matching conditions: - client IP - x.x.x.x. - URIs and paths: /apis - for all URIs starting with /apis /example/proxy.aspx – Exact pa...
asm
irule
security
Ismael_Goncalves's avatar
Ismael_Goncalves
Icon for Employee rankEmployee
Feb 26, 2022

davidfisher , your iRule logic seem to be fine, however, could you clarify more the reason why you want this? Is this due a false positive? I've seen similar scenarios where a parameter contained an XML data such as param=<?xml version="1.0"?>... causing some false positive. In that case, you could create a parameter of XML Value instead of 'User input' value. Also, if you don't care much about the source IP, you can disable the signatures at the URL level but then you disable for everybody. This would depend if it is satisfy your security requirements.