For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Oct 31, 2023

OWASP Rule Groups Blocking Legitmate Requests

I have had a number of legitmate requests getting blocked according to my cloudwatch logs in AWS for our WAF using the F5 Rules for AWS WAF - Web exploits OWASP Rules.

I am attaching a few text files of the CloudWatch Data.

Blocked Rules.zip6 KB

application delivery

F5 Rules for AWS WAF

1 Reply

zamroni777
MVP
Dec 05, 2023
you need to check the http request body because the error log said this:
========= ... "terminatingRuleMatchDetails": [ { "conditionType": "REGEX", "location": "BODY", "matchedData": null, "matchedFieldName": "" } ], ... =======
you can use tcpdump to capture whole packets
tcpdump ... -s 0 -f5 ssl

Security Best Practices for F5 Products

Technical Articles

F5 AppWorld 2026 Registration - early bird pricing.

DevCentral News

Kostas Injeyan - October 2025 Featured Member

DevCentral News

featured member

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5