Forum Discussion
2 Replies
Sort By
- uniAltostratus
You can't just tick the box. You need to create a virtual server and related pool and profiles, then create an ASM policy to apply to it. That policy can have all tests disabled except the SQL injection if you wish.
- rob_carrCirrostratus
Provided you have all of the traffic handling elements created, configuring the ASM to protect your application from SQL Injection is really just a matter of making sure that you have the correct attack signature set assigned (which flavor of SQL do you need to protect? MS-SQL or MySQL for example) to your security policy.
You'll need to look a the different methods for creating security policies to see which one works best for your environment.