Forum Discussion

Nimbostratus

Jul 15, 2015

Updating attack signatures (best practice)

Is there anyone here that can share their experience(s) regarding the updating (severely)out of date attack signatures with ASM. I inherited ASM management and running 11.4.1 Can attack sig...

Altostratus

Feb 17, 2016

Umm... The last incident was observed on 11.6.1 HF6. The signature got detected was "src http: (Parameter) (2)". However the old signature exist was "src http: (Parameter)" without (2).

The updated signature i.e. "src http: (Parameter) (2)" automatically took place and followed the ASM Policies' action i.e. Blocking.

So I think this needs to get verified.

swo0sh_gt_13163

Altostratus

Aug 09, 2016

@Hannes Rapp, Well, that was rude. This community is built to exchange information and knowledge. And I don't see any issue putting that comment out there. I shared it because I got an update, and it might help others.

So better sharing your personal view and respect all the contributors to the community.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Updating attack signatures (best practice)

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Terraform LTM provider - ICMP disabled on resulting VIPs

Need to make 2 Virtual Appliance in r4600 F5

Disabling signature for a URL

XC - geo LB to the origin servers

F5 LACP

Related Content

AS3 Best Practice

F5 Certified Practice Exams

Five Ways to Automate F5OS with Ansible: A Practical Guide

NGINX App Protect v5 Signature Notifications

Live Update- ASM attack signatures

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS