Forum Discussion

Ghislain_Pellet's avatar
Ghislain_Pellet
Icon for Nimbostratus rankNimbostratus
Jan 18, 2017

ASM Blocked Request Redirect URL:

The ASM blocked request is configured to redirect to a URL like this:

 

http://www.myredirectpage.com/block_pg.php?support_id= <%TS.request.ID()%>.

 

Besides the support ID, are there any other parameters available?

 

Do we have access to information similar to what is written to the requests log like the IP, the attack type, human or non-human activity, the severity, etc.?

 

Is it a better practice to query the remote log to get information about F5 blocking actions instead of extracting data from the blocking redirect URL?

 

1 Reply

  • There are no other documented parameters apart from SupportID you can use on redirect.

     

    It is not a good practice to include that information on the URL anyway, as it will be giving too much information to the attacker, who may find a way around your ASM policy and hack in. Unique reference number (SupportID) is all you should be giving to the users (who can be hackers).