OWASP Rule Groups Blocking Legitmate Requests

Question

I have had a number of legitmate requests getting blocked according to my cloudwatch logs in AWS for our WAF using the F5 Rules for AWS WAF - Web exploits OWASP Rules.

I am attaching a few text files of the CloudWatch Data.

zamroni777 · Answer

you need to check the http request body because the error log said this:=========

...

"terminatingRuleMatchDetails": [
{
"conditionType": "REGEX",
"location": "BODY",
"matchedData": null,
"matchedFieldName": ""
}
],

...

=======you can use tcpdump to capture whole packetstcpdump ... -s 0 -f5 ssl

Forum Discussion

OWASP Rule Groups Blocking Legitmate Requests

1 Reply

Recent Discussions

Block CBC

active/active Support Declarative Onboarding

Error while running ansible

URL

Portal Access to HTTPS resources slow

Related Content

Beware, your logs - how blocked log4shell, Spring4Shell etc requests can still lead to compromise

ASM blocked request contains & (ampersand) symbol in parameter value

Block requests by reverse DNS record

Block traffic

Block Referral Requests