Forum Discussion

Cirrus

Mar 27, 2022

Solved

Why is 403 excluded in defaults allowed HTTP Status Codes in AWAF/ASM ASP?

Hi Experts, HTTP Status Code 403 seems to be a reasonable response by a web application unwilling to fulfuil a request. So, I'm at loss to understand why F5 excluded it from default allowed HTTP Sta...

security

epaalx
Mar 28, 2022
FYI... Original K52325602 was wrong - now corrected by removing 403 and 500.

Samir

MVP

Mar 28, 2022

Link K7922: Overview of BIG-IP ASM HTTP response code filtering, is valid till v14.x as per details has updated.

Link https://support.f5.com/csp/article/K52325602 is valid till v15.x per details.

Forum Discussion

Why is 403 excluded in defaults allowed HTTP Status Codes in AWAF/ASM ASP?

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

ASM attack signatures not syncing between active and standby F5

Query on source IP preservation for syslog traffic through F5 virtual server

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

VPN Communication Error with F5 BIG-IP Edge Client

simultaneous disabling / enabling of all LTM objects

Related Content

F5 asm/awaf

F5 ASM/AWAF Preventing unauthorized users accessing admin path using iRule script

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

F5 BIG-IP Automatic email notification for system update events (ASM/AWAF)

Exporting and importing ASM/AWAF security policies with Ansible and Terraform