Forum Discussion

draco's avatar
draco
Icon for Nimbostratus rankNimbostratus
Feb 19, 2018

Hi

I was getting false postives on f5 asm with violation post content length is 0.I had disabled that violation under http compliance violation in blocking settings.but the request is still getting blocked.the f5 version is 11.6.2 . should i disable the violation check : content length should be positive integer as well ?? I read asm ll block even if it is 0. Does that come under this violation or the post content length is 0 violation or are both related ?

 

1 Reply

  • First, if you disabled the violation for POST request with Content-Length: 0 then ASM should not be blocking any requests that contain a zero-length POST body. Make sure you click Save and Apply Policy after changing the blocking option. Second, the Content length should be a positive number violation is sort of related, in that it also checks the Content-Length header to ensure that it is at least 1. Either of these 0 values could indicate a response splitting attempt, or a denial of service attempt.