Bug ID 519053: Request is forwarded truncated to the server after answering challenge on a big request

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.4.1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5

Fixed In:
12.0.0, 11.6.0 HF6, 11.5.4

Opened: Apr 20, 2015

Severity: 3-Major

Symptoms

Large requests (over 5K) arrive truncated to the server when web scraping bot detection is enabled, or a brute force/session opening attack is ongoing with client-side mitigation.

Impact

The client side challenge mechanism causes a truncation of the request forwarded to the server. Only the first 5k of the request arrives to the server.

Conditions

The request size is between 5k-10k. Web scraping bot detection is turned on, or a brute force/session opening attack is ongoing with client-side mitigation.

Workaround

Change the internal parameter size max_raw_request_len to 10000.

Fix Information

The system's client-side challenge mechanism no longer truncates large requests (those over 5K) forwarded to the server.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips