Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Exclude WAF for a particular URI

D99
Cirrus
Cirrus

‎07-Nov-2021 05:18

Hi Experts,

 

I have a requirement to exclude WAF for all URI's that include api/mobile. WAF should function normally for other URL/URI's

 

Any guidelines on how to achieve this via HTTP policy or irules.

Labels:
0 Kudos
1 REPLY 1

Erwin_de_Brouwer
Nimbostratus
Nimbostratus

‎07-Nov-2021 06:10

Hi Danish,

I think you could achieve your goal with Local Traffic Policy for ASM. This KB article will provide guidance:

https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-5-0/41.html

 

I can imagine a simple policy like this:

 

Match all of the following conditions:

HTTP URI path contains "api/mobile" at request time

Do the following when the traffic is matched:

Disable ASM at request time

0 Kudos
Copyright © 2023 Khoros, LLC