User is being blocked on F5 with because the email adress starts with "parent.

Question

our f5 waf attach signatures is treating email addresses as risk and blocking the traffic. email address for people with surname 'parent' is not allowed. do we have a solution on how to allow this traffic without compromising attack signatures

yoann_le_corvi1 · Answer

HiWe would need more info, and possibly the request payload triggering the event. But my feeling is that you should be able do diasable that specific signature on the specific parameter where the email address is used. That way, you do not completely disable the signature for the whole policy.But if you provide the detailed payload causing the issue, I will be able to be more specific.Yoann

Forum Discussion

User is being blocked on F5 with because the email adress starts with "parent.

1 Reply

Recent Discussions

F5 iRule to replace host to path

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries R2600 Tenant sizing

About AWAF "Redirect URLs" in "Responses and Blocks"

ISP Bandwidth Utilization

Related Content

Losing Requests because of health monitoring

Block traffic

domain blocking

Block IP after a number of ASM Blocks

Response and blocking page