cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

ASM SQL injection action changed based on source ip location

David_M
Cirrostratus
Cirrostratus

Hello,

 

We have a ASM case being reported in which the SQL injection is being blocked in general but the same signature is only results in an alert when the traffic is incoming from a particular source country.

 

Has anyone seen this behavior, I don't think we have manually configured any such behavior so its really strange to even hear of this.

2 REPLIES 2

Erik_Novak
F5 Employee
F5 Employee

Can you confirm that no Geolocation protection is enabled and that there are no IP address exceptions configured for that particular range of IP addresses?

Yes I double checked we have not configured such exceptions or using geo locations. Also I think the problem is a different one, they just reported it this way but that's not what's happening so I guess this thread can just stop here for now..