F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

RockBD's avatar
RockBD
Icon for Altocumulus rankAltocumulus
Jun 15, 2025

Can I use F5 Big-IP WAF as HoneyPot

Hi to all Can anyone tell me if there any way so that I an use F5 BIG-IP WAF as a HoneyPot. 
application delivery
security
RockBD's avatar
RockBD
Icon for Altocumulus rankAltocumulus
Jun 15, 2025

Do you have any links where I can learn about VS fronting a dummy app and a transparent ASM policy? 

Also, may I know why you are not suggesting not to host a honeypot in the production BIG-IP?

Injeyan_Kostas's avatar
Injeyan_Kostas
Icon for Nacreous rankNacreous
Jun 16, 2025

I don’t have a specific link describing this exact use case, but you can refer to this F5 lab: https://f5-agility-labs-waf.readthedocs.io/en/latest/index.html#
It walks you through setting up a basic transparent WAF policy.

As for the backend app, you could use something lightweight and isolated, like a Docker container running Hackazon or OWASP Juice Shop.
Alternatively, you could have the F5 itself respond with a simple 200 OK to all requests.

Just keep in mind, exposing such a setup to the internet will likely attract a lot of unwanted traffic. Unless you have excess resources you don’t mind consuming, I wouldn’t recommend using your production F5 for this purpose.