Mohamed_Lrhazi
Jun 27, 2019Altocumulus
Solved
ASM provided signatures rules text
Can one find the text of the rules of the provided attack signatures? so one could learn how they work and maybe copy/customize them.
Most of them are built-in, so you cannot access them (F5 policy)
REF - https://support.f5.com/csp/article/K8771
Some others (dos security signatures) are accessible checking /config/bigip.conf
security dos bot-signature "/Common/asm-hidden/ASM-search-engine-Bing Ad Idx" { category /Common/asm-hidden/ASM-search-engines domains { .msn.com } rule "headercontent:\"adidxbot\"; useragentonly; nocase;" }
KR,
Dario.