F5 Bot defense Profile

Question

Hi,&nbsp;As I implement Bot defense profile in transparent mode . WAF start changing request URI and adding Query Parameter in URL. So why it adds Query Parameter and what is the use of these Query Parameter. Please find sample.&nbsp;Actual APIshttps://www.g2.com/abc/CWhttps://www.g2.com/abc/BE&nbsp;After implementing Bot defense profile in transparent mode, it start adding Query Parameter and requested URI on application shows as:&nbsp;https://www.g2.com/abc/CW?onComplete=hsyhs0dmpy&amp;ajaxAction=0501010200&amp;time=1617604605017https://www.g2.com/abc/BE?onComplete=607ce3gu34&amp;ajaxAction=0501010200&amp;time=1617604390326&nbsp;Please clarify this.&nbsp;

nikoolayy1 · Answer

I think this can be because of the Javascript fingerprint or the JavaScript challenge that the bot defence uses:&nbsp;&nbsp;&nbsp;&nbsp;https://devcentral.f5.com/s/articles/proactive-bot-defense-using-big-ip-asm-25685&nbsp;https://support.f5.com/csp/article/K19556739&nbsp;&nbsp;

Forum Discussion

F5 Bot defense Profile

1 Reply

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

SSL Forward Proxy, iRules and Client Hello

monitor/healthcheck issue with envoy gateway

Recommendation for Adv. Lab

Changes to DO and AS3 GitHub - no longer monitored

How to Verify config before loading to F5

Related Content

Bot Management Strategy - Defense against malicious bots with F5 Distributed Cloud Bot Defense

F5 Distributed Cloud Bot Defense Protecting AWS CloudFront Distributions

F5 Distributed Cloud Bot Defense (Overview and Demo)

Bot Defense causing a lot of false positives

BoT Defense Profile, Signature Enforcement

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS