Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

What is the rule_SSRF_attempt_AllQueryArguments_Body actually checking for

kieronS
Nimbostratus
Nimbostratus

‎20-Dec-2021 06:05

My project have implemented the F5 managed AWS WAF ruleset OWASP_Managed and we've noticed that the WAF is blocking the following rule :

 

rule_SSRF_attempt_AllQueryArguments_Body

 

I need to understand what this rule is actually doing under the covers so that we can establish why it is being triggered. I can't find any documentation that describes what this rule, or any others in the ruleset, is checking for, can anyone tell me where I can find the documentation that explains?

Labels:
0 Kudos
1 REPLY 1

Mohamedfaizur
F5 Employee
F5 Employee

‎01-Jan-2022 19:56

Hi,

Unlike traditional, full blown WAF security solutions, the content of F5 rules is not visible and cannot be viewed. Please send us the HTTP request that was blocked . We will confirm whether the rule blocked a true malicious request or not.

Thanks

0 Kudos
Copyright © 2023 Khoros, LLC