Forum Discussion
What is the rule_SSRF_attempt_AllQueryArguments_Body actually checking for
My project have implemented the F5 managed AWS WAF ruleset OWASP_Managed and we've noticed that the WAF is blocking the following rule :
rule_SSRF_attempt_AllQueryArguments_Body
I need to understand what this rule is actually doing under the covers so that we can establish why it is being triggered. I can't find any documentation that describes what this rule, or any others in the ruleset, is checking for, can anyone tell me where I can find the documentation that explains?
- MohamedfaizurEmployee
Hi,
Unlike traditional, full blown WAF security solutions, the content of F5 rules is not visible and cannot be viewed. Please send us the HTTP request that was blocked . We will confirm whether the rule blocked a true malicious request or not.
Thanks
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com