Forum Discussion

Nimbostratus

Aug 04, 2020

Drop or Blacklisting any source IP when request status is illegal or blocked

Hi all, Do I have to drop or put to blacklist all requests by "source" IP addresses when they make 5 attacks requests in 5 minutes? For example: I have 5 attacks with status (Http protocol c...

Employee

Aug 06, 2020

Hello,

You can do it via "Session Awareness" feature ("Security ›› Application Security : Session Tracking" page) - you just need to set your criteria and set "Block All" period... or you can put them into blacklist IP addresses, if you want.

Thanks, Ivan

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Drop or Blacklisting any source IP when request status is illegal or blocked

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Cisco TACACS+ Config on ISE LTM Pair

iRule causing requests to be duplicated (sometimes)

SSL Bridging and FQDN rewrite Policy

How can I get started with iCall

Checking for X-Forwarded-For against an Address Data-Group

Related Content

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

With the ASM, can illegal requests be CSV exported?

BIG-IP AFM Blacklisting Magic

Global Blacklist or Whitelist

Logging DNS Requests

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS