Forum Discussion

Cirrus

Jun 26, 2019

Unparsable request content - which security tradeoff ?

Hello all, I am facing a violation for URL length exceeding the default ASM (2048) value. Options to deal with this seems to be : increasing the whole system variable value of 2048 Disable ...

MVP

Feb 01, 2024

Hi Aurel and santoshmashetti ,

The best security tradeoff is to define this URI(s) in ASM Microservices and disable HTTP compliance check under this URI only.

Look at here for more details :

https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-implementations-14-1-0/working-with-bigip-security-policy-microservices.html

doing this narrow the attack service for your device and provide an optimal tradeoff for your policy.
But make sure this length is valid in the violation is a false positive.

Thanks

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Unparsable request content - which security tradeoff ?

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

Problem with sending BotDefense logs to remote server

ASM/AWAF declarative policy

Related Content

Quarterly Security Notification October 2025

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

Deploying the F5 AI Security Certified OpenShift Operator: A Validated Playbook

BIG-IP security hardening and compliance checks

What is Shape Security?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS