F5 Logo MyF5
Search
  1. MyF5 Home
  2. BIG-IP Application Security Manager: Implementations
  3. Mitigating Server-Side Request Forgery
  4. About configuring SSRF
Manual Chapter : About configuring SSRF

Applies To:

Show Versions Show Versions

BIG-IP ASM

  • 17.1.2, 17.1.1, 17.1.0, 17.0.0
Manual Chapter

About configuring SSRF

To enable the SSRF functionality, the parameter which carries the IP addresses or domain names must be configured as a parameter of data type URI.
Configure the IP addresses and domain names such that if any of such URI parameter contains configured entries, then the BIG-IP will block the traffic and raise a violation
server-side access to disallowed host
.
Also, the BIG-IP will block the request and raise a violation
illegal parameter data type
 if any of the following condition is met:
  • If IP address as URI is received, when the
    Host Name Representation
     field in set to
    Domain Name
    .
  • If host name as URI is received, when the
    Host Name Representation
     field in set to
    IP address
    .
  • If an invalid host name or IP address is received.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information