Forum Discussion
youssef1
Apr 26, 2018Cumulonimbus
Hello Naveenkumar,
First of you can manage Allowed Response Status Codes in Security ›› Application Security : Policy : Policy Properties.
In all case it good to block all application error code this can give information used to the hacker.
So in order to check the response code of your application you can check events logs (Request and response) it's reliable.
otherwise you can also make an irule to check status code in response.
are you sure that part of the request is not truncated, blocked (by asm) or alter which could cause a 500 error. you can for example have an ajax request that is blocked and not visible in the request ... (not in your case but as an example).
Regards