Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Transfer file 30M+ with enabled ASM

Vladimir_Shishk
Altocumulus
Altocumulus

‎22-Jun-2021 00:39 - last edited on ‎04-Jun-2023 19:24 by Fog

Hello.

I have a ASM enabled SSL-site. I need to transfer files via HTTP PUT with size more than long_request_buffer_size (default 10M, maximum 30Mb).

I tried to use an iRule script to stop ASM processing but nothing happened, large files are not transfered.

What should I do?

Thank you.

when HTTP_REQUEST {
if {[HTTP::method] equals "PUT" } {
ASM::disable
log local0. "ASM disabled for upload directory for [IP::client_addr]."
} 
else {
ASM::enable SSSSSSSS
log local0. "ASM enabled. Current ASM policy is [ASM::policy]"
}
}
Labels:
0 Kudos
1 REPLY 1

Nikoolayy1
MVP
MVP

‎26-Jun-2021 00:53

Have you read https://support.f5.com/csp/article/K01235989 and followed "Disable large file processing by the BIG-IP ASM" ? This was the ASM will still check the first 10KB but will not block big files.

 

 

Also do you have security logging profile under the ASM to see that you are blocked by the ASM and do you still see the error messages in /var/log/asm that the file is bigger than the buffer? This "ASM::disable" is not great because you may bypass your security for real attacks also maybe the files are matched with "POST" and you dont trigger the irule? Do you see that the traffic is matching the iRule in the /var/log/ltm?

 

 

https://support.f5.com/csp/article/K37655278

Copyright © 2023 Khoros, LLC