For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

mherman31_24878's avatar
mherman31_24878
Icon for Nimbostratus rankNimbostratus
Dec 01, 2016

AMS brute force protection Dynamic

Hi All,   I have problem with configuring AMS brute force protection on logon page on 11.6.0 HF5   I'm configuring clear ASM with checked "block" in "Brute Force: Maximum login attempts are exc...
application delivery
ASM Advanced WAF
BIG-IP
security
Erik_Novak's avatar
Erik_Novak
Icon for Employee rankEmployee
Dec 02, 2016

Actually, after re-reading your question, it sounds like you have identified a login page. There are a few settings for each login URL that need to be checked against your curl command. What authentication type are you using for the page? If there are parameters such as username and password, are those correctly placed inside curl? What access validation have you selected? Make sure that your access validation is getting triggered by the curl command.