Bug ID 470779: The Enforcer should exclude session awareness violations when counting illegal requests.

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.4.1, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3

Fixed In:
12.0.0, 11.6.0 HF4, 11.5.4

Opened: Jul 08, 2014
Severity: 3-Major


Getting False positive by blocking requests.


Release session status from being blocked/logged can be renewed if illegal traffic runs at the same time even with 'Disallowed access...' violation only


Session Awareness is enabled.



Fix Information

The Enforcer now excludes session awareness violations when counting illegal requests for session awareness actions. Previously, these violations were counted and therefore prematurely caused the session status to be "Blocked".

Behavior Change