Forum Discussion

JamesS_40157's avatar
JamesS_40157
Icon for Nimbostratus rankNimbostratus
Dec 20, 2011

Disable web scraping detection per geolocation?

Hi,     I was wondering if it's possible to disable web scraping detection based on geolocation? We have web scrapers trying to get to our site from all over the world, however they mostly appea...
app sec
BIG-IP Access Policy Manager (APM)
security
JamesS_40157's avatar
JamesS_40157
Icon for Nimbostratus rankNimbostratus
Dec 20, 2011
Ok, i've been playing around with this and i've got the initial workings of an irule to potentially do this, but there are several things that dont work...what i've done is this:

 

 

1) Disabled the web scraping part of the policy on our default ASM policy/class, but still have it looking for attack signatures.

 

2) created a new policy / class with ONLY web scraping detection enabled, everything else it does not look for.

 

 

 

I've then applied both classes to a VIP, both classes are default apart from "security enabled". This is my first stumbling block - only the top class seems to fire. If you get through the policy for the class that is on top then it lets you through without going down to the second class.

 

 

 

 

 

Is this how it should behave, and am i going down the wrong track?

 

 

 

Thanks