cancel
Showing results for 
Search instead for 
Did you mean: 

ASM_RESPONSE_VIOLATION SECTION doesnt see ASM violation

Yozzer
Nimbostratus
Nimbostratus

Hi

 

When i use this section in an irule it sees most violations so i can manage them but if the HTTP method is DELETE then this section doesnt get called. Why would that happen even though it is blocked in the ASM policy.

 

Thanks

1 REPLY 1

samstep
MVP
MVP

The key word here is RESPONSE. If you have a REQUEST with HTTP method DELETE then there is no ASM_RESPONSE_VIOLATION because the request never gets to the server, so there is no response and no response violation. and the reason why your request never gets to the server (pool member) is because the second F5 ASM sees the DELETE in the REQUEST it blocks it.

 

You should be using ASM_REQUEST_DONE if you want to catch the "Invalid Method" violation which is raised when DELETE method is blocked in the F5 ASM policy