17-Sep-2021 09:52
Hi all
I have setup a ASM profile and all my application will through BIG-IP WAF.
But I have a issue " HTTP Protocol Compliance Failed: Header name with no header value " for a resquest with header name " abc" has no value.
I can bypass it by unblock or disable rule Header name with no header. But
This will be applied on all headers. I need to do only with one header. one option I know is to create the iRule.
Plz help me for use irule with header name "abc"
Thanks
Hoang Hung
17-Sep-2021
12:05
- last edited on
04-Jun-2023
19:18
by
JimmyPackets
Hi Hoang Hung,
You can check this article: Disabling a violation for a URL using an iRule (f5.com)
According to article, first get the violation name in a separate irule and then use that violation name in second irule with your host header condition. Do not forget to change the "Specific_ASM_Violation" value with the name of matched violation, when the request with header name "abc" has no value.
when ASM_REQUEST_DONE {
if {[ASM::violation names] contains "Specific_ASM_Violation" and [HTTP::header "abc"] equals "" } {
ASM::unblock
log local0. "ASM unblocking"
}
}
17-Sep-2021 20:14
Thank Oguzy
I was been read article, I saw F5 use irule get violation name.
But I had event log on F5. Is it Http protocol compliance failed , right ?
Thanks
Hoang Hung
18-Sep-2021 00:37
Hi Hoang,
Could you please try to determine the exact violation name using the following steps: