13-Jan-202301:55 - last edited on 22-Jan-202307:25 by boneyard
Hello,
We have WAF ACL "bl-prd-crm-acl" for our production workload.
One of our production api URL was got blocked due to this as it was due to F5 Rule. with error 403 forbidden.
Time Frame :2023-01-05 to 2023-01-11 We need RCA for the block and currently we have allowed the IP for the service consumer but we want to fix the issue itself considering production environment.
Hi @vaibhavkumar-savkare - I see nobody has answered your question yet, so I featured it in the Unanswered Questions section of this week's Highlights article. I've also asked a colleague to take a look.
To understand this, you'll need to go through your request and response logs to see what the error was. Usually, it's very clear. If you've not done this yet, here is, maybe, a lifeline:
Not at all. You need the detailed events so you can see packet payload. The video worked fine for me from 3 different devices just now, so I'd try a different device. Or maybe post pictures of the relevant events from the AWAF event viewer?
The rule mentioned is related to cross-site scripting. Unlike traditional, full blown WAF security solutions, the content and detailed descriptions of F5 rules cannot be viewed.
If the rule was blocking legitimate traffic, you can disable it.
Je suis également confronté au même problème. Je suis heureux d'avoir trouvé votre message en cherchant ce site Web playcasinocanada où j'ai trouvé ces sites grâce auxquels je peux facilement gagner de l'argent. Si vous voulez aussi gagner de l'argent, vous pouvez visiter là-bas et trouver les sites grâce auxquels vous pouvez gagner de l'argent.
