Forum Discussion
Detect and block HTTP/S related attacks using WAF
Hi All
How can I use Big IP F5 to detect and block bulk HTTP requests to my website, which specific module and rule can be leveraged from Big IP WAF?
Also, how can the Big IP WAF be leveraged to block slow loris attacks? is there any out-of-the-box rule that we can leverage and customize?
Thanks & Regards
SAM
For DOS attacks you better use DOS and BOT protection profiles as most DOS attacks come from Bots, so the Bot profile will block the Bots and the DOS profile will stop the DOS attack if the Bot profile did not manage to handle the Bot detections or the DOS attack commes from human farms that do DOS attacks. Better use the DOS profile with latency detection as it generates less false positives.
https://my.f5.com/manage/s/article/K42323285
For slow loris just use HTTP profile on the VIP as F5 has native protection for such attacks https://my.f5.com/manage/s/article/K10260
For blocking attackers that use scanners and generate many web attacks review the session tracking option in the AWAF that can block user ip addresses or device ID if they generate too many violations:
https://my.f5.com/manage/s/article/K02212345
I suggest to read the F5 AWAF operations to be able to effectively utilize the F5 WAF options:
https://my.f5.com/manage/s/article/K85426947
So, first I would take a look at this good writeup available on DevCentral:
Also, take a look here and search for "Web Applications". It will tell you how to setup DDoS protection for HTTP and HTTPS:
sim2022,
If your issue was resolved please choose Accept As Solution on one (or more) replies.This helps other members find answers more quickly and confirms the efforts of those who helped.
Thanks for being part of our community.
LiefHi sim2022 ,
Do you mean DoS attacks ?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com