Forum Discussion

Nimbostratus

Mar 28, 2023

F5 LTM/ASM , I-rule to ignore query string to prevent DDOS attack.

Hello guys, My environment : F5 ltm, ASM learning mode. Webapp: Public facing site with many pages with few search pages and filtering pages. I see many people are hitting the site with unknow qu...

application delivery

Brandon_

Employee

Mar 30, 2023

Hello sunny123!

KeesvandenBos has provided a viable iRule solution, for a specific attack but to continue answering the second part; yes! Advanced WAF has denial of service capabilities specifically to mitigate these types of attacks.

Here is a great video overview of how behavioral DoS can react to stress on your backend systems and mitigate aggressive requests.

https://www.youtube.com/watch?v=uLhJNoEMsqA

There's an entire implementations guide "Preventing DoS Attacks on Applications"

https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-asm-implementations/preventing-dos-attacks-on-applications.html

And well, because a lot of these types of requests are automated, F5's bot defense can help you identify and mitgate automated requests.

HTH

-Brandon

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)