For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Deepti_Nayak_26's avatar
Deepti_Nayak_26
Icon for Nimbostratus rankNimbostratus
Oct 14, 2016

UNABLE TO LEARN SOME REQUEST VIOLATION IN BIGIP ASM 12.1.0

I am using BIGip ASM version 12.1.0. I have configured virtual servers & blocking policies on those virtual servers . I am able to learn requests for some violations but for some violations I am not ...
ASM Advanced WAF
security
samstep's avatar
samstep
Icon for Cirrocumulus rankCirrocumulus
Oct 16, 2016

Deepti, these violations are not learnable, you will need to add them manually to the policy.

 

See ASM Configuration Guide:

 

The following violations are considered unlearnable:

 

  • Request length exceeds defined buffer size
  • CSRF authentication expired
  • Illegal session ID in URL
  • Login URL bypassed
  • Login URL expired
  • Cookie Violations
  • ASM Cookie Hijacking
  • Expired timestamp
  • Modified ASM cookie
  • Input Violations
  • Illegal number of mandatory parameters
  • Failed to convert character
  • Brute Force: Maximum login attempts are exceeded
  • Null in multi-part parameter value
  • Negative Security Violations
  • Virus detected
  • RFC Violations
  • Cookie not RFC-compliant

These are other special violations for which the system does not provide learning suggestions:

 

  • Access from disallowed User/Session/IP
  • Web scraping detected

Hope this helps,

 

Sam