ASM disable Attack Signatures checks for a specific URL

Question

Hello, &nbsp;
Is it possible to disable Attack Signature checks for a specific URL and to let the ASM act normally for others. &nbsp;
Example : &nbsp;
/aaa/bbb/ccc =&gt; do not check for Attack Signature&nbsp;
/* =&gt; act normally &nbsp;
Thanks for helping &nbsp;

erik_novak · Answer

You can disable attack signatures for a specific parameter on the properties screen for the parameter...&nbsp;

jad_tabbara__j1 · Answer

Thanks for your answers. &nbsp;
Finally I have done like that : &nbsp;
1) I created a new "Wildcard URL" /aaa/bbb/ccc/*&nbsp;
2) Then from "Parameters" I created a new wildcard (*) parameter on URL level &nbsp;
&nbsp;

ashwin_venkat · Answer

The ability to disable/enable attack signatures on a per-URL basis was introduced as a feature only in v13.  Therefore, in v13 and above, you can create the URL as an Allowed URL (Explicit or Wildcard) and then configure the Overridden Security Policy settings within the Attack Signature tab for that URL.&nbsp;
In all versions prior to that, you can only make this exception on the parameter level or else it'll need to be done globally for that policy.  One other option, for these pre-13.x versions, would be to use the ASM::unblock iRule event. &nbsp;
These two links gives more insight regarding these iRule events:&nbsp;
https://devcentral.f5.com/wiki/iRules.ASM__unblock.ashx
https://devcentral.f5.com/wiki/irules.asm__violation_data.ashx&nbsp;

Forum Discussion

ASM disable Attack Signatures checks for a specific URL

3 Replies

Recent Discussions

Transaction looks successful but file not downloading

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

ASM irule to disable attack signature authorization header with specific value

Disabling Weak Ciphers

Wildcard Parameter signature attack

Bot Signature based on the referer header

disable http retry