Forum Discussion

kh1's avatar
kh1
Icon for Nimbostratus rankNimbostratus
Aug 27, 2024

Unable to edit or modify Policy is Case Sensitive Option in F5 WAF

Hello Team,

I've encountered an issue with the WAF Case Sensitive Option in Version 16.1.2.2 Build 0.0.28. In the Security Settings under Application Security, specifically within Security Policies, the "Policy is Case Sensitive" setting is enabled,

 

(Login LB > Security > Application Security > Security Policies > Policies List > [XXX Policy] > General Settings >> Policy is Case Sensitive : Yes) 

Where I am unable to modify it directly. Despite my efforts to resolve this by downloading and re-uploading the policy, the option to change the case sensitivity remains inaccessible.

Additionally, I reviewed a related support article which suggested using an iRule as a workaround for case sensitivity issues. The proposed iRule is as follows:

 

when HTTP_REQUEST {
    HTTP::path [string tolower [HTTP::path]]
}

 

While this iRule effectively converts the request path to lowercase, it does not resolve the need to configure case sensitivity within the WAF Policy itself. I seek assistance in either enabling the option to modify the case sensitivity directly within the WAF Policy settings or in finding an alternative method to achieve the desired configuration. Any insights or advanced troubleshooting steps would be greatly appreciated.

Thank you.

  • You can export the WAF policy in XML format search for the below field and change it to true value

      <case_insensitive>true</case_insensitive>