False Positive on AWS WAF F5 Managed Rule F5#OWASP.rule_SQL_INJ_SELECT_DATABASE____Parameter__AllQue

Question

Hello&nbsp;We have setup AWS WAF2 with F5 OWASP Subscription and currently getting some False Positive requests Blocks. We need support from F5support.We recently enabled "F5-OWASP_Managed" rules set on a AWS WAFv2 and Once we did we started seeing a false positive for an API call with the following rule...F5#OWASP.rule_SQL_INJ_SELECT_DATABASE____Parameter__AllQueryArguments_BodyAfter some further investigation we discovered the rule is tripped when we make a request to export data to a CSV file.Can you give us more background information on exactly what this rule is doing and how we should go about avoiding this false positive?&nbsp;RegardsIrantha

leslie_hubertus · Answer

Hi&nbsp;iranthawow&nbsp;- I'm featuring your post in this week's Community Highlights article to try to boost visibility so someone will answer.&nbsp;

Forum Discussion

False Positive on AWS WAF F5 Managed Rule F5#OWASP.rule_SQL_INJ_SELECT_DATABASE__ParameterAllQue

1 Reply

Recent Discussions

Need advise to setup a policy on F5

Web acceleration

What are the different phases in DevOps?

Create a CSR and Key using the BigIP LTM GUI when renewing a certificate

F5 Rseries HA

Related Content

F5 Distributed Cloud WAF AI/ML Model to Suppress False Positives

Minimizing Security Complexity: Managing Distributed WAF Policies

Re: Management Certificate

Automating ACMEv2 Certificate Management on BIG-IP

Handle False Positive for files upload