Forum Discussion

krisnaseechurn's avatar
krisnaseechurn
Icon for Altostratus rankAltostratus
Sep 14, 2022

parent{] (Parameter) blocking api calls with email address

i have an issue where this attack signature is blocking logins to my application with any emai address starting with parent.xxxxx@gmail.com or any other domain. I have tried the below suggestion to disable this specific attack signature however issue still persists:

Disabling Attack signatures for Parameters (BIG-IP 11.5.0 and later)

  1. Log in to the Configuration utility.
  2. Navigate to Security > Application Security > Parameters.
  3. Verify that the policy you want to edit displays in the list below the tabs. If not, click the correct policy in the list.
  4. Click Create.
  5. Under Create New Parameter, for Parameter Name click Explicit, No Name, or Wildcard and then type the parameter name.
  6. For Parameter Level, click Global, URL, or Flow.
  7. Configure the remaining settings as needed.
  8. Click the Attack Signatures tab, and perform one of the following procedures:
    1. To disable all attack signatures for the parameter, clear the Check attack signatures and threat campaigns on this parameter check box.

      Note: In BIG-IP 11.x through 13.x, clear the Check attack signatures on this parameter check box.

      Note: When this option is disabled, the BIG-IP ASM system does not check signatures on inbound or outbound transactions for with this parameter.

    2. To disable only specific attack signatures for the parameter:
      1. Leave the check box selected and click Click here to load Signatures List to display the list of attack signatures if they are not already displayed.
      2. In the Global Security Policy Settings list, click the particular attack signature you want and move it to the Overridden Security Policy Settings list.
      3. For each signature, for State, click Disabled if necessary.

        Note: If you click Enabled for State, the BIG-IP ASM system checks the attack signature for the parameter.

         

 

any suggestions how to resolve this is welcome

 

1 Reply