ASM / WAF : block request containing certain string?
I have added as much XSS blocking to a policy as possible. A request containing onmouseover or onclick or .... ="alert('hello')" is blocked fine. But when it's coded like onmouseover or onclick or .... ="self['\x....... the ASM accepts this as valid. Can I block a request with this parameter value? How do I achieve this?ASM / WAF : block request containing certain string?
I have added as much XSS blocking to a policy as possible. A request containing onmouseover or onclick or .... ="alert('hello')" is blocked fine. But when it's coded like onmouseover or onclick or .... ="self['\x....... the ASM accepts this as valid. Can I block a request with this parameter value? How do I achieve this?
Unable to "accept" a HTTP protocol compliance failed violation that is of "HTTP Parser Attack type
While- I try to "accept" the HTTP protocol compliance violation for HTTP Parser attack type, I find the "accept" button greyed out and instead I getting the message "unlearnable request". How do I understand and allow these kind of requests, so that I can ensure that these requests are not blocked.
[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command
Hi Team , 1.Is there any cli command to check if "HTML5 Cross-Domain Request Enforcement" is enabled for any ASM Policy ? 2.CLI command to check the list of allowed URL's ( to reach the below path and find if any url is already allowed ) Security > Application Security > URLs > Allowed URLs ListASM instance creation
HI Team , I have to create an WAF instance similar to the one which is already available . I need help on creating the ASM policy similar to the one which is already used by other VIP . So my ASM policy name is ASM_NETWORK_443 and I have to create an identical policy with name ASM_DRNETWORK_443 . Is there any option to clone the ASM policy or export and import the policy and rename the Policy name ? Kindly help me on this .
ASM don't block attack XSS
hi all, I enabled all the XSS signatures and all signatures are state no staging. why the asm don't block this : <script>alert("attack")</script> It match to some Attack Signature ID : 200101609 , 200001088, 200000098, 200001475 Here is state of signature ID 200001475 Thanks.[ASM] - content type : x-www-form-urlencoded ?
Hello Experts , what does content type : x-www-form-urlencoded means and also what is Parameter name sys06 ? Attack Signature ID 200002145 Name : SQL-INJ expressions like "having 1=1" (Parameter) Context Parameter (detected in Form Data) Parameter Level : Global Actual Parameter : Name : sys06
