F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!
01-Mar-2021 15:53
Hi;
In the ASM, illegal http method attack is blocked but it does not result in the blocking response page shown to the user.
Kindly
Wasfi
01-Mar-2021 22:33
would need some more information.
when you say "In the ASM, illegal http method attack is blocked", do you mean it is configured to block or do you see it blocked in the event request log?
are other attacks blocked with a block page shown?
how do you test this? which METHOD?
02-Mar-2021 09:18
It is configured to block and the event request log shows it as being blocked.
I use postman and the request is blocked but no block response page.
02-Mar-2021 10:23
interesting, and if you do a regular request or a different attack you do get the block page?
02-Mar-2021 14:09
I sure do. I get a 200Ok response with no body. My aim is to have a 200Ok response with the block page or a 405 response.
03-Mar-2021 08:27
you didn't make changes to the Response Pages?
what exactly are you sending via Postman?
23-Mar-2021 19:41
It is actually a request to an API "API call"
25-Mar-2021 10:12
an API call is normally nothing else then a specific HTTP request.
provide what you use in Postman i can check if it gives a block page with my settings.
or learn more...
