Bug ID 743961: Signature Overrides for Content Profiles do not work after signature update

Last Modified: Sep 20, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Fixed In:
15.0.0, 14.1.0, 14.0.0.5, 13.1.1.4

Opened: Sep 13, 2018
Severity: 3-Major

Symptoms

JSON profile signature override does not include legacy signature after Automatic Signature Update (ASU).

Impact

-- Unexpected block on a previously white-listed signature. -- Confusing logging for why the signature was blocked (should indicate it was due to using an old signature version).

Conditions

Signature override on content profile ASU with major update to targeted sig.

Workaround

-- Create the signature override at higher context, e.g., the URL. Removing the URL context override again keeps it fixed. -- Enforce new version of sig globally.

Fix Information

Signature Overrides for Content Profiles now work after signature update.

Behavior Change