asm waf
11 Topics

ASM don't block attack XSS
Hi all, I enabled all the XSS signatures and all signatures are in the state "no staging". Why doesn't the ASM block this: <script>alert("attack")</script> It matches some Attack Signature IDs: 200101609, 200001088, 200000098, 200001475. Here is the state of signature ID 200001475. Thanks.
44 Views, 0 likes, 5 Comments

F5 not Identifying Parameter in Text/Plain Upload
In a webkit: content disposition header, name="file" ; filename="EXAMPLE DOCUMENT 2024.txt" Content-type: text/plain Document data example system ( The issue is that there is already a parameter built at the URI for file as an upload, set to block executables. Yet, it seems that the F5 continues to scan the document and it is not picking up the built parameter. Is it doing this by design? Since F5 is able to parse text? This seems to happen on uploads whose content types are text and xml.
24 Views, 0 likes, 1 Comment

[ASM] - content type : x-www-form-urlencoded ?
Hello Experts, what does content type: x-www-form-urlencoded mean, and also what is Parameter name sys06?
Attack Signature ID: 200002145
Name: SQL-INJ expressions like "having 1=1" (Parameter)
Context: Parameter (detected in Form Data)
Parameter Level: Global
Actual Parameter: Name: sys06
35 Views, 0 likes, 0 Comments

Unable to "accept" a HTTP protocol compliance failed violation that is of "HTTP Parser Attack type
While I try to "accept" the HTTP protocol compliance violation for the HTTP Parser attack type, I find the "accept" button greyed out and instead I am getting the message "unlearnable request". How do I understand and allow these kinds of requests, so that I can ensure that these requests are not blocked?
101 Views, 0 likes, 1 Comment

Open Redirection Mitigation
Hello, ASM has a feature to mitigate open redirection attacks when the redirect happens at the header level (i.e. with Location in the response). When the redirection is within the payload response, the ASM does not block it. Do you guys know about any ASM configuration that may address this issue and mitigate this kind of attack? Thanks. o.
Solved, 121 Views, 0 likes, 6 Comments

ASM instance creation
Hi Team, I have to create a WAF instance similar to the one which is already available. I need help on creating the ASM policy similar to the one which is already used by another VIP. So my ASM policy name is ASM_NETWORK_443 and I have to create an identical policy with the name ASM_DRNETWORK_443. Is there any option to clone the ASM policy, or export and import the policy and rename the policy? Kindly help me on this.
67 Views, 0 likes, 2 Comments

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command
Hi Team,
1. Is there any CLI command to check if "HTML5 Cross-Domain Request Enforcement" is enabled for any ASM Policy?
2. CLI command to check the list of allowed URLs (to reach the below path and find if any URL is already allowed): Security > Application Security > URLs > Allowed URLs List
73 Views, 0 likes, 3 Comments

ASM / WAF : block request containing certain string?
I have added as much XSS blocking to a policy as possible. A request containing onmouseover or onclick or .... ="alert('hello')" is blocked fine. But when it's coded like onmouseover or onclick or .... ="self['\x....... the ASM accepts this as valid. Can I block a request with this parameter value? How do I achieve this?
691 Views, 0 likes, 2 Comments