ASM::unblock¶
Description¶
Overrides the blocking action for a request that had blocking
violations. Consequently, the request will be forwarded to the origin
server and also marked with a special “unblocked” flag which can be
viewed in the request log. If the present request was not supposed to
be blocked then the command has no effect.
Syntax¶
ASM::unblock
ASM::unblock¶
- Notes
- Violations from an unblocked request will not be learned for policy modification, neither manually nor automatically.
- The command applies to requests only. It is not possible to unblock a response in which violations were found.
- The command does not apply to requests that are part of attacks such as Web Scraping or Brute Force login attacks.
- An unblocked request will not be sent to Antivirus scanner.
- The command takes effect even if it is followed by ASM::raise command with a blocking violation.
Examples¶
when ASM_REQUEST_DONE {
set i 0
foreach {viol} [ASM::violation names]{
if {$viol eq VIOLATION_ILLEGAL_PARAMETER} {
set details [lindex [ASM::violation details] $i]
set param_name [b64_decode [llookup $details "param_data.param_name"]]
#remove the bad parameter from the QS - does not work right in all cases, just for illustration!
regsub -all "\?.*($param_name=[^\&]*)" [HTTP::uri] "?" $new_uri
HTTP::uri $new_uri
ASM::unblock
}
set i [expr {$i+1}]
}