Hello Chenco,
You need to create an ASM policy and add it to your existing VS.
If you are not familiar with the ASM it can be a difficult task because if you put it in Blocking mode it may generate a lot of false positives.
So you need to :
- create the ASM policy in transparent mode (learning mode)
-
assign the Attack Signatures Sets that corresponds with your backend server (OS, Webserver, Language, Database). When you assign the Linux OS Signatures it will automatically add signatures that prevent "Kill, exec" and other command execution... The F5 will look at the POST method body and URL and apply the Attack Signature (make sure that on your wildcard HTTP/HTTPS URL you check the "Attack Signature")
-
prevent specific file extension upload, by making a whitelist of authorized file extension. You can do this fom "Security ›› Application Security : File Types : Allowed File Types"
Hope it helps
Regards