For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

zack_254145's avatar
zack_254145
Icon for Nimbostratus rankNimbostratus
Jan 12, 2019

Does F5 has any feature of anti-tampering web content?

Hi Folks,   I am not sure if any of F5 modules is capable of blocking web content tampering? For example if a hacker injects a piece of malicious JS within a server response? Will F5 has any featu...
ASM Advanced WAF
iRules
security
samstep's avatar
samstep
Icon for Cirrocumulus rankCirrocumulus
Jan 12, 2019

First of all - how do you think the hackers are going to inject a malicious script into the responses of the Server (which is behind F5 WAF)? Most attacks happen over the web using Cross-Site-Scripting attack (XSS) or SQL injection attack (SQLi). F5 ASM as a WAF can identify and block the malicious script injection attempt as it will be a Request.

 

There are ways to inject malicious scripts using man-in-the-browser/client-side malware or 3rd-party JavaScript already included in server responses being compromised. In such cases F5 WebSafe module can help.