Manual Chapter : Configuring illegal parameter datatype violation

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 16.1.5

BIG-IP ASM

  • 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
Manual Chapter

Configuring illegal parameter datatype violation

  1. On the Main tab, click
    Security
    Application Security
    Policy Building
    Learning and Blocking Settings
    .
  2. Expand
    Parameters
    .
  3. Check
    Learn
    ,
    Alarm
    , and
    Block
    fields for the
    Illegal Parameter data type
    violation.
  4. Click
    Save
    and then
    Apply Policy
    .
The violation is configured. ASM will block the request and raise a violation
illegal parameter data type
if any of the following condition is met:
  • If IP address as URI is received, when
    Is IP address
    field in unchecked.
  • If host name as URI is received, when
    Is IP address
    filed is checked.
  • If an invalid host name or IP address is received.
The following is an example:
If "Is IP Address" is disabled for the parameter uriParam: (default behavior) http://<VS>/index.html?uriParam=http://123.456 http://<VS>/index.html?uriParam=a+b.com http://<VS>/index.html?uriParam=http://a<b.com/ http://<VS>/index.html?uriParam=http://201.45.6.8 If "Is IP Address" is enabled for the parameter uriParam: http://<VS>/index.html?uriParam=http://172.256.2.3 http://<VS>/index.html?uriParam=23.1.2 http://<VS>/index.html?uriParam=2001:0:3238:DFE1:63::FEFB] http://<VS>/index.html?uriParam=http://[0x20010db80a0b12f00000000000000001]/ http://<VS>/index.html?uriParam=[] http://<VS>/index.html?uriParam=a.com