Forum Discussion

sim2022's avatar
Icon for Nimbostratus rankNimbostratus
Nov 10, 2022

ASM Policy that could read response and block source IP

Hi All

Is there a WAF Policy that could be configured to read the response sent by my webserver to the user and block the source IP if the response has "xx" number of unauthenticated occurrences within a specific period of time from the same source IP?

Was wondering if this type of configuration would auto-block the source IP that is attempting an ongoing password-spraying or credential-stuffing attack on the website, considering the ReCaptcha is somehow bypassed.

Does F5's ASM have this capability?





1 Reply