OWA File Upload URIs for WAF Bypass
Hi All, We are using the OWA 2016 WAF application template (negative security model) and would like to know: The list of OWA URIs used for file uploads The recommended URIs to bypass or relax WAF inspection for uploads Our intention is to disable file upload/payload inspection and signature enforcement only for those URIs, while retaining HTTP compliance checks, as file scanning is handled via ICAP. Any guidance would be appreciated. Thanks.F5 AWAF/ASM learning only from Trusted traffic?
I found this nice option "Only from Trusted Traffic" for the Policy Builder but this is seems to relevant only after the learning period has passed. I did increase the thresholds to the max possible value 1000000000 under "Loosen Policy" for "Untrusted Traffic "as to never learn from not trusted IP addresses in the initial learning period that is 7 days. I think that is the correct way ? I would have been nice to have a global option or option under "Loosen Policy" to learn from "Only from Trusted Traffic" like in "Track Site ".Request for Bug Tracker/Known Issues – BIG-IP Version 17.5.1.2
Dear Team, I am currently familiarizing myself with F5 solutions and am looking for the specific list of known issues associated with version 17.5.1.2. Could you please provide the URL for the release notes or the Bug Tracker filtered for this version? I want to ensure I am aware of any existing challenges or bugs within this specific release. Best Regards, Joy
Illegal Metacharacter in Parameter Name in Json Data
Dears, Can someone tell what is the issue here as the BIG IP is reporting the illegal metacharacter "#" in parameter name but the highlighted part of the violation doesnt contain metacharacter # in the first place and the parameter which BIG IP displayed in the highlighted part is actually not a parameter. I believe the issue is with the BIG IP only. Any suggestions here, please? I think issue is that BIG IP is not paring the Json payload properly
Could not communicate with the system. Try to reload page.
I am trying to check for live updates of attack signatures in F5, but I am getting a message. In passive devices, the signature list does not display — it keeps loading and never shows the updated signatures. Has the destination or location of the signature updates changed in version 17?
Connection Rest f5
I have box f5 i4800 version 15.1.5, we faced some issues , I have virtual server listen on https 443 then under it pool have one node listen on http port 80 and I used ssl client profile, when I try access VIP , I can't access it and faced connection rest , then check all setting for vip is ok , again try but I can't access , After that I delete this VIP and Create it again with the same setting and the same ssl client profile after that I can access Vip and application is working fine, so I think so that is bug of this version ,please advise me.
Putting new and updated signature in staging
Hi, I have some questions about the mechanism in ASM (version 12.x) in updating attack signatures to: put newly added attack signature in staging, AND put updated/modified existing signatures in staging. I know that to achieve this, I need to check the "Place updated signatures in staging" in Security >> Application Security >> Policy Building >> Learning and Blocking Settings. But do we need to check "Enable Signature Staging" (the option just on top of it)? As reading some past answers to this similar questions, it was suggested to enable signature staging first before updating. Isn't this option will put all signatures in staging instead of just the new/updated ones? Thanks!
