For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

mwitt_65218's avatar
mwitt_65218
Icon for Nimbostratus rankNimbostratus
Jun 08, 2009

This should not be so difficult.

Hello,     We have F5 ASM v9.4.5 running on a production web app (though very few users use it).     We have Automatic Policy Builder running. A parameter named email was create...
app sec
BIG-IP Access Policy Manager (APM)
security
mwitt_65218's avatar
mwitt_65218
Icon for Nimbostratus rankNimbostratus
Jun 09, 2009
Naladar,

 

 

If I turn off Automatic Policy Builder and am in Manual mode, how do I turn off a particular Attack Signature (e.g., SQL-INJ @ROOT) for a particular parameter? I do not want to turn off for the whole web app this Attack Signature but only want to turn it off for certain controls.

 

 

If I click Policy - Blocking - Settings, I see how I could refrain from clicking Blocking for this particular Attack Sig, but I am thinking that this would turn off the Attack Sig completely.

 

 

When I am in Manual mode and am not in Automatic Policy Building mode, can I still go to the parameter itself to disable a particular Attack Sig? Of course I have done this already and have disabled the Attack Sig for the email parameter, but for some reason Automatic Policy Builder or F5 keeps showing an error in the Report section.

 

 

Thanks much in advance,

 

 

mwitt