Example OWASP Top 10-compliant declarative WAF policy

Problem this snippet solves: This is an example of a basic declarative BIG-IP WAF policy that is OWASP Top 10-compliant. This policy can be used as a starting point for a production-ready version. ...
Published Jan 18, 2021
Version 1.0
ASM Advanced WAF
BIG-IP
OWASP Top 10
OWASP-App-Security
security
forsan's avatar
forsan
Icon for Altostratus rankAltostratus
Aug 26, 2022

Hi Valentin_Tobi,

thank you for your help, that worked grate!.

Is it possible to give access to one user to only have Appilcation Security rights to one partition and allowed to send AS3 declarations?

I get the following error when trying this. The same command is working with admin user.

{
"code": 401,
"message": "Authorization failed: user=https://localhost/mgmt/shared/authz/users/api resource=/mgmt/shared/appsvcs/declare verb=POST uri:http://localhost:8100/mgmt/shared/appsvcs/declare referrer:10.0.1.11 sender:10.0.1.11",
"referer": "10.0.1.11",
"restOperationId": 24634210,
"kind": ":resterrorresponse"
}
 
Br Forsan