Forum Discussion
JamesS_40157
Dec 20, 2011Nimbostratus
Ok, i've been playing around with this and i've got the initial workings of an irule to potentially do this, but there are several things that dont work...what i've done is this:
1) Disabled the web scraping part of the policy on our default ASM policy/class, but still have it looking for attack signatures.
2) created a new policy / class with ONLY web scraping detection enabled, everything else it does not look for.
I've then applied both classes to a VIP, both classes are default apart from "security enabled". This is my first stumbling block - only the top class seems to fire. If you get through the policy for the class that is on top then it lets you through without going down to the second class.
Is this how it should behave, and am i going down the wrong track?
Thanks