HTTP protocol security within individual ASM profile
I am pretty new to ASM. I have a couple ASM policies in front of a few SharePoint Project Server 2013 farms. A couple farms are test and a couple are production. The production farm policies are in transparent mode. The test farm policies are in blocking. I started noticing parts of certain pages not loading on the test farm. I checked ASM and was able to confirm that legitimate traffic was being blocked. The block was for HTTP protocol compliance failed. The HTTP check was "POST request with Content-Length: 0". I can't explain why loading a page would cause a POST request. ASM suggested not checking for "POST request with Content-Length: 0". I accepted this change and applied it to the policy. This fixed my problem. My question is where can I see that change specifically within the ASM policy. I know where I can see changes to the XML profile for a specific policy, but I couldn't find the equivalent for changes to HTTP compliance checks. Thanks in advance.HTTP Analytics causing problem with Project Server 2013
I have a few small SharePoint Project Server 2013 farms (some test, some production). I have relatively new F5s (moving off older F5s). The old F5s didn't have AVR provisioned. I provisioned it on the new F5s and I have a custom HTTP Analytics profile that I'd like to use. I've attached a screen shot of the statistics that I have configured it to gather. It was recently brought to my attention that if you go into the web interface of Project Center (as opposed to going through the Project client) and open any project, click on the Project Details--> click edit. Then once in the edit mode --> click save. I get error: Project out of Date. This project has been updated in another session and the current data may no longer be valid. Refresh the page to see the most current data for the project. Clicking refresh and then trying to save it again just gives the same error over and over. After attempting the change many settings to figure out what was causing this, I eventually removed the HTTP Analytics profile and the problem fixed. I put it back and the problem came back. Confirmed this on test and production farms. For the life of me, I cannot understand why an Analytics profile would cause this problem. Any thoughts or insight would be greatly appreciated because I'd like to use the Analytics module.SharePoint 2013 Project Server with Project Application connection issue
We have a virtual server that is supporting a SharPoint 2013 Project Server farm. The virtual server is configured to allow traffic over all ports, although we only expect traffic over 443. The VS is configured to do SSL bridging. The cipher suites for the client and server SSL profiles are "!LOW:!MEDIUM:!SSLv3:!DES:!RC4:HIGH:@STRENGTH". The VS has two web front ends in the pool that it is pointed to. I have an enforced firewall policy that allows traffic on port 443 over TCP and UDP and denies everything else. I have no dropped packets from the firewall policy. Users can access the web site of the server without any problem. Users also use Microsoft Project 2013 to connect to the same URL to access and manipulate projects. That also works up to a certain point. Users can connect to website and open a project file. If they close the project file (but not the Project application), click open for a new file, and attempt to retrieve the list of files, we get an error. If we use host files to bypass the F5, we do not have this problem. We also narrowed it down to if the user has Internet Explorer open (they don't even need to be connected to a website anywhere), the error does not occur. If the user has Firefox open, the error does still occur. One thought possibly was that with Internet Explorer open, the traffic that the Microsoft Project application sends looks like IE to the F5. With IE closed, the F5 doesn't know how to handle it. That's just a theory though. Any assistance would be greatly appreciated.
