Forum Discussion

Cirrus

Oct 23, 2020

Wildcard URL with "dot" allowed confused with a file type

Hello evryone I configuered a wildcard URL (/x/y/*) in my ASM policy with the "." as an allowed meta character, but all the requests /x/y/1245.452 for example are blocked by violation illegal ...

ASM Advanced WAF

Security

Andrew-F5

Employee

Oct 26, 2020

There's really only two solutions:

(1) Accept the filetype and do nothing

(2) create a wildcard file type which will accept all non-explicit filetypes including no_ext.

no_ext filetypes are those urls with no periods that works in conjunction with wildcards

Note that the burden of enforcement will shift to url matching.

violation will not be a bad filetype, but rather an unknown url

There is a feature request to prevent this behavior but it hasn't been added to any F5 software yet ID400017.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Wildcard URL with "dot" allowed confused with a file type

Recent Discussions

DEVICE-0202 Error while adding rSeries as a provider in CM

BigIP LTM update from v16 to v17

Foot Trooper Beneficios

Troubleshooting SSL Connections

Reclaim disk space for BIG-IP tenants running on rSeries systems

Related Content

AS3 TLS_Client VS TLS_Server Schema confusion

Cache Confusion

Wildcard Parameter signature attack

iRule http host with wildcard domain

Wildcard SSL Certificate Deployment on F5 LTM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS