Forum Discussion
Exclude uri from slowloris mitigation
If you have ASM module enabled then you don't need an iRule as slowloris is already mitigated. LTM with an HTTP Profile configured on the virtual server will also effectively protect your backend servers (pool members) from Slowloris.
You can enhance the protection further by using a Slowloris iRule which will drop the clientside TCP connection if HTTP request is not received within a specific time slot after the connection is established (e.g. 1 second/1000 milliseconds) - this iRule can be found at the bottom of the KnowledgeBase article K10260:
https://support.f5.com/csp/article/K10260
For Slow POST attacks/specific URI - check out this KB Article
https://support.f5.com/csp/article/K42552578
Hope this helps,
Regards,
Sam
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com