Forum Discussion

Nimbostratus

Oct 17, 2017

Apache Webserver

Hi If my application is not using Apache webserver then is there any need to include the signatures related to the Apache Server? Let say my app is working on some webserver other than the Apach...

Cirrostratus

Oct 17, 2017

MSZ,

When building the ASM policy with Attack Signature protection, it is better to determine the following information about the application you intend to protect.

OS
Web Server
Languages, Frameworks & Application
DB Servers

After determining theses information, from the "Attack Signature" screen select the corresponding ones. For example:

OS: Windows
Web Server: IIS
Languages, Frameworks & Application: ASP.NET
DB Servers: MySQL

In this way you will select only Attack Signatures that applies to your application. Doing so will limit the false positive.

Hope it helps

Regards

Forum Discussion

Apache Webserver

Recent Discussions

F5 ASM logging profile to specify source IP

Portal Access to HTTPS resources slow

Cannot login to Avaya wanx using f5 apm network access

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Apache Airflow Unsafe API Endpoint

LTM Monitoring IIS and Webserver Binding

F5 SIRT on the Apache Commons Configuration CVE-2022-33980?

Apache CVE-2022-31813 and the hop-by-hop header mechanism

Apache Log4j2 (CVE-2021-44228) mitigation iApp