Asm capabilities to decode base46 request

Question

i have tried to inject sql injection in my request and encode it , the asm pass the request as 200 . so how can i decode the request to allow asm to read and detect the attack?

iof · Answer

Not sure what ASM version you are on however in Advanced WAF v.15 there is a checkbox for "Base64 Decoding" when defining HTTP Headers or Parameters in the application security policy. Only meant to be enabled it if the value expected is always going to be Base64 encoded, otherwise you will get a ton of violations/errors.

Forum Discussion

Asm capabilities to decode base46 request

1 Reply

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Decoding the IPv4 address from the persistence cookie

BIGIP VE maximum connections capability

Exploring BIG-IP VE capabilities on HPE ProLiant DL365 Gen10 Plus servers - Part 1 of 2

Fully Decode URI

Exploring BIG-IP VE capabilities on HPE ProLiant DL365 Gen10 Plus servers - Part 2 of 2