For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

SerhiiR's avatar
SerhiiR
Icon for Nimbostratus rankNimbostratus
Mar 15, 2023

ASM Brute Force Protection feature inserts the script to response headers. How it may be removed?

Hello, We have faced with a problem, when Brure Force Protection feature inserts the script to response header. I have pasted the script below. The fact is that script is inserted for each applicati...
brute force
security
Daniel_Wolf's avatar
Daniel_Wolf
Icon for MVP rankMVP
Mar 17, 2023

Hi SerhiiR,

this looks like Device ID is enabled in your bot defense profile. Can you verify?
For Login Page protection you can use Device ID, I'd even recommend to use it. But in case it causes an issue with your application, you may either debug why your app has a problem with sideband loading of JS or just switch the Device ID feature off.

KR
Daniel 

SerhiiR's avatar
SerhiiR
Icon for Nimbostratus rankNimbostratus
Mar 20, 2023

Hello Daniel,

Thank you for the recommendation. But we do not have the bot defense profile at all. From the Brute Force Protection configuration, the device ID is switched to Never Trigger.

  • Daniel_Wolf's avatar
    Daniel_Wolf
    Icon for MVP rankMVP
    Mar 20, 2023

    Other features that might cause JavaScript injection.

    1. Analytics profiles
    2. CSRF protection
    3. DoS protection profile using Client Side Integrity Defense.