Forum Discussion

Altocumulus

Aug 10, 2019

Brute force protection for an API endpoint (no login page)?

Hello, Configuring Brute force protection entails declaring the login page(s).. Is it possible to use this protection on a site where every page is a login page, in a sense? It's an API endpoint and...

ASM Advanced WAF

security

Mohamed_Lrhazi

Altocumulus

Aug 14, 2019

Thanks KR. Indeed it work fine. Just declare /* as a login page.

Dario_Garrido
Noctilucent
Aug 15, 2019
Glad to hear this!
Please, if my answer was helpful, don't forget to mark it as "the best" or give me some upvotes.

KR,
Dario.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Brute force protection for an API endpoint (no login page)?

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

TCPDUMP in BigIP for traffic coming from distrbuited cloud.

Adding my Product and support to bigF5 account

Illigal Parameter addition as custom signature set wanted to Unblock

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

iRules for recreation: HTTP Protocol Parser implemented using BIG-IP iRule(unfinished)

Related Content

Poor Man's WAF for AI API Endpoints

Embedding APM Protected Resources into Third-Party Sites

L7 DoS Protection with NGINX App Protect DoS

Apache Airflow Unsafe API Endpoint

Runtime API Security: From Visibility to Enforced Protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS