Forum Discussion

Nimbostratus

4 years ago

ASM Policy to prevent backend server fingerprinting

We recently moved a legacy Windows web server behind an ASM. The server can't be upgraded for various reasons. We are not yet ready to deploy a full security policy in blocking mode, but we would at ...

security

ragunath154

Cirrostratus

4 years ago

apart from WAF policy i would recomend to attach the BOT profile, which includes scanners database to block.

ip intelligence too have database of scanner ip's which you can block..

Nikoolayy1

MVP

4 years ago

Also the F5 ASM by default is removing by default the server response header which is nice:

https://support.f5.com/csp/article/K6534

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM Policy to prevent backend server fingerprinting

Tyler - May 2026 Featured Member

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

Procedure for migration LTM/GMT cluster form serie I to R

F5 VCMP guest shutdown and decommissioning

OpenID Connect as Client and Resource server

F5 BIGIP & XC certbot plugin

F5OS cloud-init on 21.1 does tenants come with DO and AS3 RPM installed?

Related Content

Fingerprinting TLS Clients with JA4 on F5 BIG-IP

TLS Fingerprinting - a method for identifying a TLS client without decrypting

Operationlizing Online Fraud Detection, Prevention, and Response

Use TLS Fingerprinting as a First Level of Defense in F5 Distributed Cloud

SSL Offloading and Backend pool https

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS