Forum Discussion
kepler
Aug 30, 2023Nimbostratus
Help with investigating the cause for blocked request
Hi, We are subscribed to F5 Rules for AWS WAF - Web exploits OWASP Rules via AWS Marketplace and use it for our WAF config. We see some requests are getting blocked and see which rule triggers it. ...
Amine_Kadimi
MVP
The ruleid _XSS_script_tag__Parameter__AllQueryArguments_Body suggests a XSS script tag detected (> or < signs), could you check your request payload and confirm that?
kepler
Sep 05, 2023Nimbostratus
Hi Amine_Kadimi ,
Thanks for reply.
Yes the body of the request has "<>" because it's an xml.
What's the best way to exclude it and do you have any documentation on what exactly is checked by your rules?
Thanks!
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects