"Ignore value" parameter type

Question

Hi,We are using BIG-IP 16.1.4.1 with the ASM module.&nbsp;When defining a parameter, one of the available&nbsp;Parameter Value Types is "Ignore value". The help regarding this option states the following:Ignore value: Specifies that the system does not perform validity checks on the value of the parameter. Regarding signatures, the system does not perform parameter-based signature checks on the value of this parameter, but the system does perform all other signature checks on this parameter’s value.What is the meaning of "the system does perform all other signature checks on this parameter’s value"?As a check, I tried to configure a custom attack signature that looks for a string in the entire content of the request:content:"bar";I also configured test URL with a parameter named "payload" and configured it as "Ignore Value". I assumed that this signature would be triggered when the "bar" string appears anywhere in the request, including in the "payload" parameter. To my surprise, a request to the test URL with the parameter "payload" with the value "bar" did not trigger this attack signature.If so, what is the meaning of "the system does perform all other signature checks on this parameter’s value"? What signatures can be triggered on parameters defined as "Ignore Value"?&nbsp;Thanks

sebastiansierra · Answer

.

Forum Discussion

"Ignore value" parameter type

1 Reply

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Icontrol REST upload and apply policy- section "http-protocols" ignored?

Extracting dynamic parameter values from a "Jason" formatted response.

Brute Force protection for single parameter like OTP

exclude HTTP::header value Content-Type] equals "text/xml; charset=utf-8" from SSL redirect

Wildcard Parameter signature attack