ASM Policy Configuration - Allowed URLs
We have been using ASM to block our web apps for about 4 months. Recently, we started having frequent and random f5 failovers. We have been told that it is because we are using wildcard for HTTP and HTTPS in the URL: Allowed URLs portion of our policies. We are not learning, alarming or blocking Illegal URL and based on documentation provided by f5, using the wildcard is acceptable and results in a "policy that easy to manage but may not be as strict." Anybody experienced this or know if it is required to have an explicit list of allowed URLs and associated Content Type profiles? We are on version 12.1.2