Unable to "accept" a HTTP protocol compliance failed violation that is of "HTTP Parser Attack type
While- I try to "accept" the HTTP protocol compliance violation for HTTP Parser attack type, I find the "accept" button greyed out and instead I getting the message "unlearnable request". How do I understand and allow these kind of requests, so that I can ensure that these requests are not blocked.
ASM instance creation
HI Team , I have to create an WAF instance similar to the one which is already available . I need help on creating the ASM policy similar to the one which is already used by other VIP . So my ASM policy name is ASM_NETWORK_443 and I have to create an identical policy with name ASM_DRNETWORK_443 . Is there any option to clone the ASM policy or export and import the policy and rename the Policy name ? Kindly help me on this .[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command
Hi Team , 1.Is there any cli command to check if "HTML5 Cross-Domain Request Enforcement" is enabled for any ASM Policy ? 2.CLI command to check the list of allowed URL's ( to reach the below path and find if any url is already allowed ) Security > Application Security > URLs > Allowed URLs List
ASM / WAF : block request containing certain string?
I have added as much XSS blocking to a policy as possible. A request containing onmouseover or onclick or .... ="alert('hello')" is blocked fine. But when it's coded like onmouseover or onclick or .... ="self['\x....... the ASM accepts this as valid. Can I block a request with this parameter value? How do I achieve this?ASM / WAF : block request containing certain string?
I have added as much XSS blocking to a policy as possible. A request containing onmouseover or onclick or .... ="alert('hello')" is blocked fine. But when it's coded like onmouseover or onclick or .... ="self['\x....... the ASM accepts this as valid. Can I block a request with this parameter value? How do I achieve this?