whitelist
5 Topicsself-directed requests fail because of no certificate
Is there a way to whitelist a server so it can make requests from itself without needing to have a certificate? I use the F5 to provided CAC authentication for my site. It's a PHP server. During the setup process for the web application software we run on the server, the setup process needs to learn, test and record it's own URL and the URL of other web applications installed on the same server. These URLs are used later when generating HTML with absolute URL links in it. When the user types a URL in and submits it, the server will then make a request from that URL (where an API is waiting) to make sure it get's a valid response--verifying the URL is correct. This process fails, I'm assuming, because any requests of the server require you to have a CAC/Certificate. As such our software is unable to validate URLs. What can be done about this to allow it to work? Ideally it would be nice if the server was somehow whitelisted so it could make a self-directed request, but is there any other options?47Views0likes1CommentF5 AWAF Bot Defense Whitelist
According to https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-implementations-14-1-0/configuring-bot-defense.html, having whitelists can speed up access time to the website. Is it because WAF will not check those whitelisted URLs coming to the web site, thereby making it faster? (Faster when users access the web site because less traffic to be validated by WAF?)55Views0likes2CommentsiRule newbie - Whitelisting IP address for Spesific URL and Attack Pattern
Hello community, One of our third party applications have false-positive blocks for spesific attack pattern, which we want to whitelist, but as our f5 support explained that it cannot be done to a spesific IP, it needs to be url and pattern based without ip limitation. Im not expecting much, what is the reason behind it? Performance? Is this can be done?, IP: x.x.x.x Pattern: 200002034 - SQL-INJ "ifnull" URL: "/path/to/excluded/url1" Your comments are valuable! Chatgpt output for exact same question, but couldnt tested it. when ASM_REQUEST { # Get the client IP address set client_ip [IP::client_addr] # Get the URL path from the request set url [HTTP::uri] # List of URLs to exclude from security checks set excluded_urls { "/path/to/excluded/url1" "/path/to/excluded/url2" "/path/to/excluded/url3" # Add more URLs as needed } # Define the attack pattern to exclude set excluded_attack_pattern "2000010101" # Check if the client IP, requested URL, and attack pattern match the criteria if { $client_ip eq "x.x.x.x" && [lsearch -exact $excluded_urls $url] != -1 && [ASM::policy has_attack $excluded_attack_pattern] } { ASM::disable } }663Views0likes1CommentBIG-IP 17.0 ASM Cookie based allow requests
Is it possible to allow requests through the ASM if the client sending the request has a unique cookie with a particular value? I want to whitelist these requests based on this cookie. If this is possible would someone please share with me how this is accomplished?Solved1.2KViews0likes1Comment[ASM] Actual parameter name is not actual parameter
Hi All, i have a illegal request that triggered illegal meta character in parameter name, in violation details explain that "actual parameter name" in my thought is not actually parameter name, the request and violation detail capture on below. how can i whitelist if this actual parameter name is random value? not consist a word like param1, param2, etc652Views0likes1Comment