If you use ASM module then HTTP Response Code 500 is blocked by default. Check out the excerpt from the ASM manual:
"Configuring the allowed response status codes
By default, the Application Security Manager accepts all response codes from 1xx to 3xx as valid responses. Response codes from 4xx to 5xx are considered invalid unless added to the Allowed Response Status Codes list. By default, 400, 401, 404, 407, 417, and 503 are on the list as valid HTTP response status codes.If a response contains a response status code from 4xx to 5xx that is not on the list, the system issues the violation, Illegal HTTP status in response. If you configured the security policy to block this violation, the system blocks the response. "
https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-config-11-2-0/asm_security_policy.html1047555
Hope this helps,
Sam