Forum Discussion

Altostratus

Apr 27, 2023

WAF / ASM : Referer: android-app://com.google.android.gm - Evasion Technique detected

Been seeing this Evasion Technique on the referer Header popping up in learning suggestions. I'm hesitant to follow the learning suggestion to Set Evasion Techniques Violations to disabled on the re...

security

boneyard

MVP

Jul 09, 2023

Seems to happen for more people and was sort of an attack at some time, but then mainly for trailing slashes, is that also in your case?

I think what mainly matters is if that breaks funtionality on your website? Do you see traffic which feels legimate that triggers this alert? Because if not I would certainly not disable the alert. If it seems to be needed I would look into only disabling it in the cases needed.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

WAF / ASM : Referer: android-app://com.google.android.gm - Evasion Technique detected

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

WAF evasion techniques for Command Injection

Cloud Docs - F5OS Technical Reference Materials

Customer Edge Site High Availability for Application Delivery - Reference Architecture

Mitigating new HTTP Request Smuggling techniques with BIG-IP ASM

Credential Stuffing Tools and Techniques

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS