For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ErkkiS_295148's avatar
ErkkiS_295148
Icon for Cirrus rankCirrus
Sep 28, 2017

f5 asm login pages / brute force detection header value

Hello,   I am trying to configure brute-force prevention and login pages. I have a header value that is set when the login fails on the specified login URL: "login-failed: true".   When the lo...
ASM Advanced WAF
security
Chris_Grant's avatar
Chris_Grant
Icon for Employee rankEmployee
Oct 04, 2017

The application would need to have a header or string that signified a successful login for you to be able to use a header. We support the use of a header to signify success, but not to signify failure. We tend to assume failure until shown success. You can always open a support case and make a Request For Enhancement (RFE). We can send that to PD and request this feature, but can't guarantee when it might be implemented (or even if).