Forum Discussion
AltocumulusF5 BOT DEFENSE AWAF blocked some legitimate browsers
fred_zeig77 hello Here are a couple things to look at that may help answer your questions.
As for is it still being defined(updated) yes as a Security module it is updated with new attack signatures
For your second question about a Best Practices for implementing the Bot Defense.This article should help with that.
Configuring Bot Defense
Some further things you can check on
K58581034: Bot defense blocks traffic with anomaly ''Invalid HTTP Headers Presence or Order''If you are still having trouble, I would suggest reaching out to our Support engineers to assist.
Moderatorfred_zeig77 hello Here are a couple things to look at that may help answer your questions.
As for is it still being defined(updated) yes as a Security module it is updated with new attack signatures
For your second question about a Best Practices for implementing the Bot Defense.
This article should help with that.
Configuring Bot Defense
Some further things you can check on
K58581034: Bot defense blocks traffic with anomaly ''Invalid HTTP Headers Presence or Order''
If you are still having trouble, I would suggest reaching out to our Support engineers to assist.
AltocumulusOh Thank you for these links, sir!
I read it and saw the part that it requires the F5 device to have DNS resolver configured. Is this a necessity for the whole function to work properly or just some other features of BOT defense cause it is the practice of our client to disallow any dns lookups from their DMZ server environment? Maybe that is why I got false positives in bot defense?
