Forum Discussion

Nimbostratus

Jun 17, 2022

WAFの検知テスト（WAF detection test）

AWS WAF（F5マネージドルール）が正常に適用されているかどうかをテストする方法を教えてください。 WAFによってブロックされていることを確認したいと思います。 Please tell me how to test whether AWS WAF (F5 Managed Rules) is applied normally. I want to make sure it is bloc...

security

Daniel_Wolf

MVP

Jun 18, 2022

Hi gmt20trisc00,

are you looking for a basic test to verify that the rules are detecting attacks? You could try some proof of concept exploit like appending one of these two examples to your URL.

/?cmd=cat%20/etc/passwd

/<script>alert("XSS Attack");</script>

That'll do no harm, but an active WAF should block these requests (or, if not in blocking mode, raise an alert).

KR
Daniel

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

WAFの検知テスト（WAF detection test）

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Illigal Parameter addition as custom signature set wanted to Unblock

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

LLM Prompt Injection Detection & Enforcement

F5 Distributed Cloud JA4 detection for enhanced performance and detection

HTTP cookie SameSite: test detection of browsers with incompatible SameSite=None handling

VIPTest: Rapid Application Testing for F5 Environments

Bidirectional Forwarding Detection (BFD) Protocol Cheat Sheet

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS