Forum Discussion
Bot Defense Deployment/Troubleshooting
I found this db key:
sys db botdefense.suspicious_jsfree_score {
value "49"
}
I have changed this to 60 as well.
On 16.x the key dosl7.browser* doesn't exist, don't know if it has been replaced by something else or if it all is placed under botd now.
Nice!
By the way I tested on a VM on 16.1.3.3 with updated bot and browser signatures and again I am never blocked by the active javascript bot protection when using Local Traffic policies to switch between Bot profiles, so the Local Traffic policies seem to break this feature even with SPA enabled as even with bot debug https://my.f5.com/manage/s/article/K10478323 I see that F5 things that javascript verification is not configured.
With Javascript verification under for example the login pages the the Impersonating/suspcious Browser category could be more accurate than just checking the HTTP header order etc.
You can ask F5 TAC about this as this makes pointless to switch bot profiles as just with an irule you can change the blocking setting for a bot category for a particular URL like the web form login page to block "Suspicious Browser" based on the Challenge-Free Verification.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com