Hi all, I'm looking into some ASM blocks that are being triggered for an illegal URL violation.
We have an application call coming in as /app-abc/... which we use an iRule to string map the call to app-abc-1.0/... - as this avoids having version specific calls from external sources. This works fine as confirmed by the application tests and ltm log messages, but we get some calls which are being blocked because they're coming as app-abc-1.0/...
I can run a clean test from postman and get a block because of this violation even though the call has passed through the iRule (seen ltm log message to confirm) - I though that ASM was processed before LTM?
This one is confusing me. its like its a subsequent call which is being blocked. Does the string map persist back to the client?
Any help or advice on this one would be greatly appreciated.
ASM is one of the last product evaluated...
So when you change URI in HTTP_REQUEST event, ASM will see the new URI.
This is useful when we want to disable ASM or change ASM policy based on URI.
Oh right, I always thought it was up front. That would explain it all then! Thanks for clarifying it for me.