ASM -ATTACK SIGNTURE

THE_BLUE · ‎21-Apr-2021

From where ASM bring the below ?

Detected Keyword 8a_iVR18tOx=h[=u4DLfu[Am2cl058%<?iw`TR>s4B.4=3,b#B39bF,YAf>d2NS

when I'm trying to upload document in portal ex: .docx , I face block with attack signature detect

SanjayP · ‎21-Apr-2021

with file uploads through ASM, it always needs to define a explicit "file upload parameter" for a upload link. If not done, ASM will detect lot of false positives when it parse the attachement (e.g. images, pdf or docs).

Plesae go through the below article and create necessary upload parameter.

https://devcentral.f5.com/s/articles/file-uploads-and-asm

View solution in original post

SanjayP · ‎21-Apr-2021

with file uploads through ASM, it always needs to define a explicit "file upload parameter" for a upload link. If not done, ASM will detect lot of false positives when it parse the attachement (e.g. images, pdf or docs).

Plesae go through the below article and create necessary upload parameter.

https://devcentral.f5.com/s/articles/file-uploads-and-asm

THE_BLUE · ‎04-May-2021

in V15 , even if you choose Data Type to be File upload , the attack signture tab will still exist. Shall we have to disable attack check from file upload parameter?

Ahmed_Galal · ‎22-Apr-2021

which attack signature that blocked you and if you are sure that it is normal application behaviour you can allow it under matched parameter.

check this article to Configuring attack signatures for a parameter

https://support.f5.com/csp/article/K79544554

DevCentral

ASM -ATTACK SIGNTURE

MFA required on DevCentral