Forum Discussion
3 Replies
Sort By
- mimlo_61970CumulonimbusI would recommend F5's ASM module to handle this, assuming the application/website cannot be fixed to address the problem. Escaping input at the app level works a lot better than pattern matching at the network level.
- Vivek_Padale_16NimbostratusThanks Mimlo for your input.....
- Arnaud_LemaireEmployee
Vivek, could you stick to your initial post please ? i provided you with an answer here for SQL injection unnblock: https://devcentral.f5.com/questions/irule-for-asmanswer100884
next step for you is to identify the attack type form XML tagging and add it with a or in the matching condition.
thanks.