Bug ID 642119: Websocket URLs can't be explicitly excluded per attack signature

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:

Fixed In:
13.1.0, 13.0.0 HF1

Opened: Jan 29, 2017
Severity: 2-Critical


A signature matches a websocket URL where it is defined as an excluded signature on the URL.


A false positive signature match


A websocket URL has a signature defined as excluded on this URL.


disable the signature on the policy level when applicable.

Fix Information

Signatures can now be excluded on the websocket URLs.

Behavior Change