Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP FPS
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3
Fixed In:
13.1.0, 13.0.1
Opened: Feb 08, 2017 Severity: 3-Major
Blacklist-words is deprecated since 13.0 and detected-malware should be used instead. However, the deprecated method below won't work: tmsh modify security anti-fraud profile fps_profile malware { blacklist-words add { bword }} tmsh modify security anti-fraud profile fps_profile add { /url { malware { whitelist-words add { bword }}}} 010719b7:3: URL whitelist words can only be selected from malware blacklist words in the Anti-Fraud profile '/Common/fps_profile'.
Config transaction will fail.
This will happen when using the deprecated method to configure blacklist-words list. It impacts also whitelist-words, since adding a word to the whitelist is possible only for words that exist in a blacklist.
Use the new object for blacklist-words: tmsh modify security anti-fraud profile fps_profile malware { detected-malware add { mal { blacklist-words add { bword } } } } modify security anti-fraud profile fps_profile urls modify { /url { malware { whitelist-words add { bword } } } }
FPS now supports the deprecated method for configuring blacklist-words.