Bypassing the BIG-IP ASM
Dears, I have two application sharing the sama physical server, I need to use one Virtual server, to inspect the first application via ASM and not to inspect the second one.
I red this articular http://support.f5.com/kb/en-us/solutions/public/14000/700/sol14709.html and my image is 11.4.1 so its fit to this article.
I want to use the first choice mentioned in the article, but in my virtual server options I cant see the (conditions) and the (actions)...
anyway if its not there and I should go for the second choice (irule), so is following irule is correct :
when HTTP_REQUEST { if {[HTTP::uri] contains "URL_OF_APPLICATION_NUMBER_2" } { ASM::disable log local0. "ASM disabled." } else { ASM::enable /Common/MY_ASM__POLICY_NAME log local0. "ASM enabled. Current ASM policy is [ASM::policy]" } }