Follow

Q&A: What is "Request length exceeds defined buffer size" WAF violation?

 

Question

  • What is "Request length exceeds defined buffer size" WAF violation?
  • What is the buffer length for BIG-IP ASM?

 

Environment

  • Silverline WAF
  • Policy/Policies
  • Module/Attack Signature

 

Answer

  • The default maximum size for a BIG-IP ASM buffer is 10 MB or 10000000 bytes (it can't be changed).
  • Whenever a request exceeds the buffer_size, the BIG-IP ASM triggers a "Request length exceeds defined buffer size" violation. A request will be blocked if this module is set to 'Blocking' or Alerted if the policy is in 'Transparent'.
    • The only option available to tune this particular violation is to switch off this module.
    • We can disable on spacific URI by creating separate policy - it's possible to create up to 5 policies on one proxy. But it will be needed to remember about updating multiple policies in case additional tunings.

  • Contact SOC / Contact Silverline Support if you want to tune the policy or want the SOC to perform an assessment for the policy/module.

 

Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request