Forum Discussion
- Simon_BlakelyEmployee
What is the actual logged violation?
- Yosi_373863Nimbostratus
It says "AWS WAF - Web Exploits Rules by F5" without any further details. Is there anyway to see the exact rule that caused the violation?
- Yosi_373863Nimbostratus
When purchasing the product on AWS it says that F5 support is available through this forum. Why no one is answering?
- Simon_BlakelyEmployee
As detailed in
K21015971: Overview of F5 RuleGroups for AWS WAF
the primary avenue of support for F5 RuleGroups for AWS WAF is AWS Support
F5 Rules for AWS WAF - Bot Protection Rules
Please contact AWS Support (https://aws.amazon.com/contact-us) for AWS WAF related assistance
AWS do have a channel for accessing F5 Support, and access into the violation information.
Otherwise, you need to post an example blocked request (at least the headers) that may provide some clues as to the sort of violation that is being triggered.
- Shain_Singh_846Historic F5 Account
Hi Yosi,
Were you able to get a response by contact AWS Support for this?
- Jeff_Giroux_F5Ret. Employee
Please follow the procedure detailed in K21015971: Overview of F5 RuleGroups for AWS WAF
Reporting false positives on DevCentral
With full request logging you can now report on a rule that generates too many false positives. To report false positives, complete the following:
- Log three to five requests that the rule has flagged as malicious requests.
- Make sure that the requests do not contain any sensitive information; if they do, please mask the sensitive data with ****.
- Attach the requests to a message (Ask a Question) on the DevCentral Answers forum.