We are submitting a Request for Enhancement to ask for the addition of prefix-based and regex-based path matching within the Malware Protection module of F5 Distributed Cloud.

Current Limitation

The current Malware Protection GUI only supports Exact path matching when defining protection rules. This means every URL path that requires malware scanning must be declared individually and explicitly. There is no supported mechanism for recursive or pattern-based coverage such as /folder/* or /folder/[0-9]+/.

We also noted that the underlying JSON schema appears to expose fields for "prefix" and "regex" path matching modes. However, since there is no official documentation or confirmed case evidence that these fields are honored by the malware protection engine when set manually, we cannot rely on them as a supported workaround.

Impact

This limitation creates real operational challenges:

• Applications with dynamic or hierarchical URL structures (e.g., /uploads/user/1/, /uploads/user/2/) require one rule per path, which does not scale.

• Any path not explicitly listed is excluded from malware scanning, creating potential coverage gaps.

• Rule sets become increasingly difficult to maintain as application paths evolve over time.