Possible False Positive for OWASP rule in AWS - di...

Technical Forum

Ask questions. Discover Answers.

Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

DevCentral

Technical Forum

Possible False Positive for OWASP rule in AWS - di...

Options

Subscribe to RSS Feed

Mark Topic as New

Mark Topic as Read

Float this Topic for Current User

Bookmark

Subscribe

Mute

Printer Friendly Page

Possible False Positive for OWASP rule in AWS - div_tag_parameter_AllQueryArguments_Body

jquerin
Nimbostratus

Options

Mark as New

Bookmark

Subscribe

Mute

Subscribe to RSS Feed

Permalink

Print

‎26-Oct-2023 08:44 - edited ‎26-Oct-2023 08:56

We have a WordPress website and we just recently enabled the F5-OWASP_Managed Rule set in AWS.
I noticed we had had over 50 requests blocked from users within our network. It looks like they were attempting to save the page among other valid type requests. The rule that is blocking the request is "rule_div_tag__behavior__Parameter__AllQueryArguments_Body"
I've currently set the blocking rule to "Override to Allow" but I would prefer to not have this rule set to this, but I do not wish to have our site editors blocked from making valid site updates.
I have a downloaded CSV from Cloudwatch of all the blocked requests with the parameters, etc.

Labels:

Cloud

DevOps

Security

F5 Rules for AWS WAF

0 Kudos

Reply

All forum topics

Previous Topic

Next Topic

0 REPLIES 0

Related Content

SSL issues with new setup in Technical Forum 28-Sep-2023

iRule newbie - Whitelisting IP address for Spesific URL and Attack Pattern in Technical Forum 08-Aug-2023

F5 BIG-IP ASM – L7 DDoS attack Protection (TPS, Behavioral & Stress Based detection) in Technical Forum 14-Jul-2023

Icontrol REST upload and apply policy- section "http-protocols" ignored? in Technical Forum 03-May-2023

Community Quicklinks

Register For AppWorld 2024

or learn more...

F5 Receives Six Trust Radius
Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

Topics With No Replies

Active - Not Solved

Recent Solutions

DevCentral Connects/Tue @ 8:30PT

------

Getting Started!

DevCentral Community Guidelines

Community Ranks

Community Resources

Contact Us

About Devcentral

Devcentral News

Technical Forum

Technical Articles

CrowdSRC

Community Guidelines

DevCentral EULA

Get a Developer Lab License

Become a DevCentral MVP

F5 Resources

Product Documentation

White Papers

Glossary

Customer Stories

Webinars

Free Online Courses

F5 Certification

LearnF5 Training

F5 Support

Manage Subscriptions

Support Portal

Professional Services

Create Support Case

Software Downloads

F5 Partners

Find a Reseller Partner

Technology Alliances

Become an F5 Partner

Login to Partner Central

Connect With DevCentral

YouTube

LinkedIn

Twitter

Facebook

©2023 F5, Inc. All rights reserved.

Trademarks

Policies

Privacy

California Privacy

Do Not Sell My Personal Information

Copyright © 2023 Khoros, LLC

DevCentral

Possible False Positive for OWASP rule in AWS - div_tag_parameter_AllQueryArguments_Body

Register For AppWorld 2024

F5 Receives Six Trust Radius Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

F5 Receives Six Trust Radius
Best of 2023 Awards