Bug ID 642119: Websocket URLs can't be explicitly excluded per attack signature

Last Modified: Oct 01, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.0.0

Fixed In:
13.1.0, 13.0.0 HF1

Opened: Jan 29, 2017
Severity: 2-Critical

Symptoms

A signature matches a websocket URL where it is defined as an excluded signature on the URL.

Impact

A false positive signature match

Conditions

A websocket URL has a signature defined as excluded on this URL.

Workaround

disable the signature on the policy level when applicable.

Fix Information

Signatures can now be excluded on the websocket URLs.

Behavior Change