Forum Discussion
Kai_Wilke
Apr 24, 2019MVP
Hi Lopf,
But the documentation also states, that ASM is then disabled for the "duration of the TCP connection or until ASM::enable is called."
You can pretty much ignore the (slightly outdated) documentation. The mentioned statement was true at the time HTTP-Class was used to assign ASM Policies.
Since v11.4 LTM Policies are used to enable an assign a given ASM Policy. The LTM Policies are operating on a per-request level and therefor revert your
ASM::disable
command and reselect the default ASM Policy on the very next request of the same underlying TCP connection.
when HTTP_REQUEST {
if { [HTTP::path] contains "/.well-known/acme-challenge/" } {
ASM::disable
} else {
You don't have to care about re-enabling ASM. Your LTM Policy already did that...
}
}
Cheers, Kai