Manual Chapter : Configuring illegal parameter datatype violation

Applies To:

  • BIG-IP ASM

    21.0.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0

back-action Mitigating Server-Side Request Forgery

Updated Date: 04/14/2026

Configuring illegal parameter datatype violation

Note: Enable the Illegal Parameter Data Type violation, else the SSRF mitigation will not work as expected.

  1. On the Main tab, click Security > Application Security > Policy Building > Learning and Blocking Settings.

  2. Expand Parameters.

  3. Check Learn, Alarm, and Block fields for the Illegal Parameter data type violation.

  4. Click Save and then Apply Policy.

The violation is configured. ASM will block the request and raise a violation illegal parameter data type if any of the following condition is met:

  • If IP address as URI is received, when the Host Name Representation field in set to Domain Name.

  • If host name as URI is received, when the Host Name Representation field in set to IP address.

  • If an invalid host name or IP address is received.