F5 Logo MyF5
Search
  1. MyF5 Home
  2. BIG-IP Application Security Manager: Implementations
  3. Mitigating Server-Side Request Forgery
  4. About configuring SSRF
Manual Chapter : About configuring SSRF

Applies To:

Show Versions Show Versions

BIG-IP ASM

  • 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
Manual Chapter

About configuring SSRF

To enable the SSRF functionality, the parameter which carries the IP addresses or domain names must be configured as a parameter of data type URI.
The F5 Application Security Manager (ASM) allows the user to configure the disallowed domain names and IP addresses such that if any of such URI parameter contains configured entries, then the ASM will block the traffic and raise a violation
server-side access to disallowed host
.
Also, the ASM will block the request and raise a violation
illegal parameter data type
 if any of the following condition is met:
  • If IP address as URI is received, when
    Is IP address
     field in unchecked.
  • If host name as URI is received, when
    Is IP address
     filed is checked.
  • If an invalid host name or IP address is received.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information