ASM Wildcard URL

Question

Hi,
 I'm working on ASM, policy is in blocking mode but we have removed block setting for illegal URL in blocking setting. 
Problem is even though we have wildcard url configured still we see explicit url is getting added to security policy.
example : wildcard url '/abc//.htm'
still I see new entries in allowed url like '/abc/india/001.htm' , '/abc/usa/002.htm', '/abc/uk/003.htm'.
In policy building setting : 
File Types for which wildcard URLs will be configured (e.g. *.jpg) : .htm is added.&nbsp;
also in wildcard url :
Learn Explicit Entities : Never (wildcard only).&nbsp;
What could be the reason for this&nbsp;
Thanks, Sachin&nbsp;

sachin_80710 · Answer

wildcard url : '/abc/*/*.htm'

sachin_80710 · Answer

under policy log we see below logs

Type was set to explicit.
 Perform Staging was set to disabled.
 URL Name was set to /abc/usa/002.htm.
 Protocol was set to HTTP.

Rule: Accept as Legitimate (Loosen), Untrusted traffic.

Originating Device Name: asm.example.com

binarycanary_19 · Answer

There is a setting called "Parameter Level". When you have this specified at "Global", the system will update the URL which matched a violation/learning suggestion, so if you have a wildcard, it will update the wildcard.&nbsp;
If you have this setting at "URL", the system will create a specific URL and then make the changes in the learning suggestion when it accepts a learning suggestion. &nbsp;

Forum Discussion

ASM Wildcard URL

3 Replies

Recent Discussions

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Related Content

ASM - Adding Allowed URL's via CLI in 2023

Wildcard Parameter signature attack

WildCard Redirection of url

Help with ASM URL wildcard syntax

ASM logs