Forum Discussion

Scott123456789's avatar
Scott123456789
Icon for Cirrus rankCirrus
Mar 28, 2017

HTTP protocol security within individual ASM profile

I am pretty new to ASM. I have a couple ASM policies in front of a few SharePoint Project Server 2013 farms. A couple farms are test and a couple are production. The production farm policies are in transparent mode. The test farm policies are in blocking. I started noticing parts of certain pages not loading on the test farm. I checked ASM and was able to confirm that legitimate traffic was being blocked. The block was for HTTP protocol compliance failed. The HTTP check was "POST request with Content-Length: 0". I can't explain why loading a page would cause a POST request. ASM suggested not checking for "POST request with Content-Length: 0". I accepted this change and applied it to the policy. This fixed my problem.

 

My question is where can I see that change specifically within the ASM policy. I know where I can see changes to the XML profile for a specific policy, but I couldn't find the equivalent for changes to HTTP compliance checks.

 

Thanks in advance.

 

ASM Advanced WAF
security
sharepoint project server 2013

1 Reply

Sort By
  • cjunior's avatar
    cjunior
    Icon for Nacreous rankNacreous
    Mar 28, 2017

    Hi, Are you looking for the screen where the ASM disable this specific protocol compliance check?

     

    If so, you can find it on the menu:

     

    v11.x: "Application Security > Blocking > Settings" then expand "HTTP protocol compliance failed" on the RFC violations section.

     

    v12. and later: menu "Application Security > Policy Building > Learning and Blocking Settings" then expand "HTTP protocol compliance failed" section.

     

    I hope it helps you.