Having labels for AWS WAF F5 Managed Rules
I would like to know how to activate labels for specific rules when I set then to count on my "F5 Rules for AWS WAF - Web exploits OWASP Rules" subscription. I am having troubles with an specifc rule which is triggering false positive blocks so I would like to create an exception to it when I set it to count, however this option is not available on the aws console. What can I do to deal with this situation if I don't have any labels available for the rule?
F5 x-chunk
sorry for the simplicity in this but i keep getting a 'http request body unparsed payload'. it's a user file upload. multiple types, pdf zip txt. theres no content type in the post and i tried a do nothing for multipart/form-data under the uri. there's nothing that should be conflicting w it. the xchunk is identifying the file type uploaded but theres not much to go off of. i just have a list of individual attack sigs to tune for on the user end. kinda lost. any help is appreciated TIA
Possible False Positive for OWASP rule in AWS - div_tag_parameter_AllQueryArguments_Body
We have a WordPress website and we just recently enabled the F5-OWASP_Managed Rule set in AWS. I noticed we had had over 50 requests blocked from users within our network. It looks like they were attempting to save the page among other valid type requests. The rule that is blocking the request is "rule_div_tag__behavior__Parameter__AllQueryArguments_Body" I've currently set the blocking rule to "Override to Allow" but I would prefer to not have this rule set to this, but I do not wish to have our site editors blocked from making valid site updates. I have a downloaded CSV from Cloudwatch of all the blocked requests with the parameters, etc.
F5 Rules for AWS WAF - API Security Rules (Requesting a Trial)
Hi, We have deployed the AWS WAF in our AWS account and we would like to enable and evaluate the API Security Ruleset available in the AWS Marketplace on a SOAP API environment. We would like to know whether it is possible to evaluate the rules before purchasing by requesting a trial for a short time period so that we can evaluate the efficacy of the rules against targeted attacks towards SOAP APIs. This will be greatly helpful to us in making purchasing decisions.
