cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

ASM -ATTACK SIGNTURE

THE_BLUE
Cirrus
Cirrus

From where ASM bring the below ?

Detected Keyword 8a_iVR18tOx=h[=u4DLfu[Am2cl058%<?iw`TR>s4B.4=3,b#B39bF,YAf>d2NS

 

when I'm trying to upload document in portal ex: .docx , I face block with attack signature detect

 

1 ACCEPTED SOLUTION

SanjayP
MVP
MVP

with file uploads through ASM, it always needs to define a explicit "file upload parameter" for a upload link. If not done, ASM will detect lot of false positives when it parse the attachement (e.g. images, pdf or docs).

 

Plesae go through the below article and create necessary upload parameter.

 

https://devcentral.f5.com/s/articles/file-uploads-and-asm

View solution in original post

3 REPLIES 3

SanjayP
MVP
MVP

with file uploads through ASM, it always needs to define a explicit "file upload parameter" for a upload link. If not done, ASM will detect lot of false positives when it parse the attachement (e.g. images, pdf or docs).

 

Plesae go through the below article and create necessary upload parameter.

 

https://devcentral.f5.com/s/articles/file-uploads-and-asm

in V15 , even if you choose Data Type to be File upload , the attack signture tab will still exist. Shall we have to disable attack check from file upload parameter?

Ahmed_Galal
Cirrostratus
Cirrostratus

which attack signature that blocked you and if you are sure that it is normal application behaviour you can allow it under matched parameter.

 

check this article to Configuring attack signatures for a parameter

 

https://support.f5.com/csp/article/K79544554