wildcard entity enforcement

Question

Hi all, &nbsp;I have my ASM policy set with selective learning for URLs. At enforce readiness page I have suggestedd URLs to add as explicit entities which I understand why they are there. But I also have posibility to enforce wildcard entity as it is on picture:&nbsp;&nbsp;So, why do I have this entry to enforce and should I enforce it? As I understand selective learning you have wildcard by default and you are enforcing explicit entities.&nbsp;Best regards,Milovan&nbsp;

nathan_f__f5_ · Answer

Hi Milovan,&nbsp;It looks like your wildcard URLs are in staging which basically just means that when a URL matches the wildcard it can still learn from it but it won't block any traffic. If you were to enforce the wildcard then it would start blocking traffic when there are URLs that match the wildcard and the traffic triggers a violation. The following manual chapter speaks about this a little bit in the "Adjusting the enforcement readiness period" section.&nbsp;https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-13-1-0/31.html

Forum Discussion

wildcard entity enforcement

Recent Discussions

Oracle JDBC SSL Termination failing on F5

APM for banner and cert

An Irule for Client Ssl Profile that Allows Unassigned TLS Extension Values (17516)

How to Renew F5 Device Certificate

How to export a list of paired external service providers from APM?

Related Content

BoT Defense Profile, Signature Enforcement

Wildcard Parameter signature attack

Enforce RFC Compliance option in http profile

Logfile to ASM Policy Entities

Why "Do not enable both staging and Add All Entities in the same wildcard entity" ?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS