Forum Discussion

Nimbostratus

Oct 14, 2021

Brute Force Prevention For Mobile Applicaiton

Hi dev community, BF Protection works like a charm for Web applications . I have a very specific requirement to configure bf protection for mobile applications. What are possibilites we can pr...

Daniel_Wolf

MVP

Oct 15, 2021

Hi ,

what kind of brute force attacks do you expect on this authentication method?

You could configure the BIG-IP to validate the JWT token. I am guessing now - is the mobile app accessing some kind of API and the JWT is used for authentication? Then maybe you want to look at APM and API Protection. You can do token validation and rate limiting with API Protection.

Link: API Protection Concepts

Another good read on JWT is this one: JWT: A How Not to Guide

I hope this is a good starting point for you.

Daniel

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Brute Force Prevention For Mobile Applicaiton

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

Protecting Your Native Mobile Apps with F5 XC Mobile App Shield

Making Mobile SDK Integration Ridiculously Easy with F5 XC Mobile SDK Integrator

Bot Defense for Mobile Apps in XC WAAP Part 1: The Bot Defense Mobile SDK

Guarding Large Language Models: Advanced Approaches to Preventing Model Theft

Operationlizing Online Fraud Detection, Prevention, and Response

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS