Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Illegal meta character in parameter name, Whitelist

Dear All,

I setup the transparent learning to blocking policy. When I switch on it, I have some blocking issue what the ASM not offer to learn.

So I do not understand why it did not offer but these blocking issue include in "Illegal meta character in parameter name" Violation category.

The polcy always blocked two metacharacter in the call,

Hex: 0x7c Char: | Hex: 0x2f Char: /

Can I allow or add to whitelist these characters somewhere in the policy?

Something like this setup,For example:

IF "Illegal meta character in parameter name" violation contains "Hex: 0x7c Char: | " OR "Hex: 0x2f Char: /" == ALLOW

Thanks,

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I assume in your policy Blocking Settings against this violation you did not have the Learn flag, or perhaps the Alert flag too, checked. If you had then even in Transparent mode you would've seen an illegal request log and a learning suggestion. Take a look to see which violations have these flags checked.

As to your question, I note that both of these meta characters are disallowed by default and you can allow them across the whole policy. Browse to Application Security - Parameters - Parameters List - Character Sets - Parameter Name and view all characters, change the ones in question to Allow. Don't forget to Apply Policy.

Hope this helps,

N

0