Forum Discussion

Altostratus

May 10, 2022

Bot Protection marks Samsung Internet as malicious

Hello, We have discovered that after Samsungs latest upgrade of the built in "Internet" (Samsung Internet Browser) 17.0.1.69, the bot protection both in transparent and blocking mode adds the cook...

security

Nikoolayy1

MVP

May 10, 2022

Why don't you add the bot as an exception "Mitigation Settings Exceptions" or Whitelist the source IP for the Bot protection:

https://support.f5.com/csp/article/K42323285

Fredrik_Daniels
Altostratus
May 10, 2022
Hi!

We have done this both with contains SamsungBrowser/17.0 and added it as exception. We can't whitelist on IP unfortunately. I will however look into the article again if i have missed something.

Best regards,
- Nikoolayy1
  MVP
  May 10, 2022
  Your Bot Protection is the F5 Advanced WAF (ASM) Bot protection right? You do not use Shape security with F5 Big-IP?
  
  Also from some bugs in the bug tracker you may try stopping the browser verification or Change browser_legit_min_score_drop sys db to be higher value.
  
  https://cdn.f5.com/product/bugtracker/ID693782.html
  
  https://cdn.f5.com/product/bugtracker/ID745531.html
  
  https://cdn.f5.com/product/bugtracker/ID742852.html
  
  As I see many issues with different browsers better open F5 case so they can add this to the Bug tracker for Samsung.
  - Fredrik_Daniels
    Altostratus
    May 10, 2022
    Yes, WAF Bot protection.
    
    Thing is, i don't understand why its happening when policys also are in transparent mode.