We want to configure the F5 ASM policy to block some parameters, but the F5 should not display a blocking page,
because if we block this way our web application goes off its path and the session and all entries which the user has made in forms or in a text box are lost, and the user may have to fill in 10 forms again. How can we handle this topic? Maybe I could get some best practice recommendations?
An example of what I am thinking of doing: I have the path of the input fields, where only numbers are allowed. If the user now puts some symbols into the input field, the ASM would block it, but maybe it is possible to clear the fields and fill them with just zeros (00000000), so that the application tells us that these entries are not valid; that way I can maintain my session and do not lose any data from the input fields or text boxes! I hope to get some best practices for this case, or how this would normally be implemented, because I think I'm not the only one who wants to do this ;)
This is tricky and depends on your application. The whole idea of a blocking page is that ASM lets genuine users know that their request is illegal. If the user is an attacker, then there is no point in helping that user any further. However, it is also possible that the block was a false positive. A properly tuned ASM policy should minimize false positives.
The question is: if the ASM blocking page is causing your application to lose form data, then what kind of response will not do that? If you know the answer, then you can create an iRule to tackle that situation and intercept the blocking page, drop the request or unblock the request (depending on your requirements).
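
A sketch of the "unblock the request" option from the answer above, as an added example that is not part of the original thread: the request is passed on to the application's own validation only when it targets the form and carries nothing but explicitly tolerated violations. It assumes "Trigger ASM iRule Events" is enabled on the policy; the path `/app/form` and the violation name placeholder are hypothetical and must be replaced with values from your own ASM request log.

```tcl
# Added example (not from the thread). Requires "Trigger ASM iRule Events"
# to be enabled on the ASM policy attached to this virtual server.
when RULE_INIT {
    # Placeholder: the violation name(s) your ASM request log shows when the
    # numeric-only field receives symbols. Do not list anything broader.
    set static::tolerated {VIOLATION_NAME_FROM_YOUR_LOG}
}

when HTTP_REQUEST {
    # Hypothetical form URL; remember whether this request targets it.
    set is_form [expr {[HTTP::path] eq "/app/form"}]
}

when ASM_REQUEST_DONE {
    set names [ASM::violation names]
    if {!$is_form || [llength $names] == 0} { return }

    # Every violation must be on the tolerated list; a single other
    # violation (for example an attack signature) keeps the request blocked.
    foreach v $names {
        if {[lsearch -exact $static::tolerated $v] < 0} { return }
    }

    # Keep an audit trail, then let the application reject the bad value
    # itself so the user's session and form state survive.
    log local0. "ASM unblock on form: support_id=[ASM::support_id] violations=$names"
    ASM::unblock
}
```

Unblocked requests still appear in the ASM request log with their violations, so the log entry above can be correlated by support ID when reviewing what was let through.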