Irules for html sanitization

Question

Hi 
I'm new to irules so forgive me if this is totally bad idea to even consider doing...but is it possible to scan the inbound users Post data for malicious tags?  &nbsp;

samstep · Answer

Hi Gary,&nbsp;
It is indeed a bad idea as you will be using a wrong tool for the job.&nbsp;
You should really be using the F5 ASM module to protect your applications - it is designed to address security issues like the one you are trying to solve with all the problem confirmation/attack signature updates/reporting/logging etc...&nbsp;
Of course it is possible to scrub the POST data in iRules, but it is not easy to design and develop by someone who is new to iRules. I am also sure your security requirements will not stop at sanitizing the POST data for just SCRIPT tags - there are thousands of attacks and evasion techniques out there and you will not be able to maintain an iRule which can mitigate them all and will keep itself updated of all the latest attack methods and malicious tags. Get ASM.&nbsp;
Hope this helps,&nbsp;
Sam&nbsp;

Forum Discussion

Irules for html sanitization

1 Reply

Recent Discussions

Advise on setting up IRULE

Chrome V 124+ on MacOS - Virtual Server Access Issue

Port Group on F5OS network setting

F5Access | MacOS Sonoma

Rewrite uri translation not working

Related Content

iRule HTML Maintenance Page insert URI Value

ASM filtered HTML exceeded limit: event code C190 Filtered Response HTML exceeded max limit

What is HTML Field Obfuscation?

HTML Comment Scrubber iRule

ASM Sanitize Blocking Page Requests