F5 has created a specialized ASM template to simplify the configuration process of WordPress v4.9 with the new version of BIG-IP 13

Click here to download the latest XML file that contains the template:  WordPress v4.9 Ready Template v6.x

Goal: Quick WordPress v4.9 base line policy which set to Blocking from Day-One tuned to WordPress v4.9 environment.

Ready Template Deployment Steps:

1. Download the policy zip file and extract the XML file from the link above

2. Update Attack Signature to the latest version: Click "Security Update" --> "Application Security" --> "Check for Updates" --> "Install Updates"

2. Click "Application Security" --> "Import Policy" --> Select File" and choose the XML file

3. Edit the policy name to the protected application name and click "Import Policy"

4. Attach the policy to the appropriate virtual server

5. Refine learning new records in "Application Security" --> "Policy Building" --> Traffic Learning"

6. Observe no false positive occur by validating event logs: "Event Logs" --> "Application" --> "Request"


Important: If the policy is not working properly, please ensure you are using the latest version.  If you have any issues or questions, please send any feedback to my email: n.ashkenazi@f5.com