Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

bypass APM portal application file upload om WAF policy

Marvin
Cirrostratus
Cirrostratus

‎09-Mar-2021 03:21

We have an APM policy with an portal application where users upload files, we see randomly internal server 500 errors appearing during several file uploads. We are checking if this could be caused by ASM and try to bypass URLs that contain upload however it seems that the bypass is not being performed as it is not being hit on that particular virtual server but on client side we confirm that the client is requesting this URL.

 

These URL are always rewritten on F5 with an identifier in the URL something like https://hostname/F5identifier/upload and body payload contains the file.

 

So actually two questions

 

What could be causing this internal_server error?

Why isnt the ASM policy being bypassed, perhaps because APM portal APP has preference (internal F5 processing)?

Labels:
0 Kudos
1 REPLY 1

Daniel_Wolf
Nacreous
Nacreous

‎09-Mar-2021 07:48

Hi Marvin,

 

two answers for two questions:

  1. You should probably see the reason for the HTTP 500 status in you application server logs.
  2. BIG-IP APM receives and processes traffic before BIG-IP ASM does. see K13315545: Configuring a BIG-IP ASM virtual server to protect a BIG-IP APM login page with brute for...

 

KR

Daniel

Copyright © 2023 Khoros, LLC