F5 ASM User Agent handling

Question

Hello Experts,&nbsp;&nbsp;How to allow user-agents (Example : mogilla, ucf, any custom user agent, android browser) on F5 ASM if it is blocked by ASM.&nbsp; We checked some articles where it is suggested to block the user agent via iRule. but in our case we want to control the same through ASM itself.&nbsp;Rgds&nbsp;

danskow · Answer

Hello,The options are:iRule to drop requests. If you want to keep track of how many requests are dropped by the iRule, you can create a Statistics profile that increments by 1 every time the iRule event is triggered. I can post more details about this if you want, but I do this for a different situation and have a cron job that logs the amount of hits each day, then resets the counter.Create a custom ASM Attack Signature for "Matched Element Header, Matched Criteria &lt;custom user agent&gt;"&nbsp;Create a custom Bot Signature for "User Agent contains &lt;custom user agent&gt;"&nbsp;Whatever option you choose, make sure you test it in a dev environment first, or an attack signature set that is only set to alarm.&nbsp;

eagertolearn · Answer

Hi All,&nbsp;&nbsp;Requesting If anyone can reply.

eagertolearn · Answer

Thanks Dan

Forum Discussion

F5 ASM User Agent handling

Recent Discussions

Question about WAF Enforced with has suggestion Signature

BIG-IP syslog include

URL redirection

URL redirect

Help me understand Load Balancing

Related Content

BIG-IP Orchestrate in private Data Center using Terraform Cloud Agent

Fortify HashiCorp Terraform Cloud automation for BIG-IP using Open Policy Agent - OPA

iRules LX Sideband Connection - Handling timeouts

User-Agent Irule to avoid APM policy

User access to servers