For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

kieronS's avatar
kieronS
Icon for Nimbostratus rankNimbostratus
Dec 20, 2021

What is the rule_SSRF_attempt_AllQueryArguments_Body actually checking for

My project have implemented the F5 managed AWS WAF ruleset OWASP_Managed and we've noticed that the WAF is blocking the following rule :

 

rule_SSRF_attempt_AllQueryArguments_Body

 

I need to understand what this rule is actually doing under the covers so that we can establish why it is being triggered. I can't find any documentation that describes what this rule, or any others in the ruleset, is checking for, can anyone tell me where I can find the documentation that explains?

F5 Rules for AWS WAF
security

1 Reply

  • Mohamedfaizur's avatar
    Mohamedfaizur
    Icon for Employee rankEmployee
    Jan 02, 2022

    Hi,

    Unlike traditional, full blown WAF security solutions, the content of F5 rules is not visible and cannot be viewed. Please send us the HTTP request that was blocked . We will confirm whether the rule blocked a true malicious request or not.

    Thanks