19-Nov-2020 08:52
Hello Dev Central community,
I have a question about ASM triggering violations for known attack signatures for execution attempts based on keywords "top", "time", "source", etc. and how to properly handle these false positives.
These keywords appear within the HTTP cookie, where some URI paths include "top" and other unix/linux commands.
Aside from disabling this ASM violation from the security policy - is there a way to have the F5 ASM ignore these parameters?
19-Nov-2020 09:38
Thanks Lidev! Appreciate the response. I'll edit the cookie list.
20-Nov-2020 01:07
Your welcome, if my answer was helpful, please don't forget to mark the answer as "Select as Best" in order to pass you post as resolved and help others peoples to find it.