Heavy URL Protection

Question

Hello,Recently practiced heavy duty URL protection in a lab environment...How can I use DVWA or an auction to demonstrate successful use of this feature?How can I demonstrate this in a lab environment?Any help is appreciate.

daniel_wolf · Answer

Hi&nbsp;SanYang,
what would you expect to see as a succesful demonstration of Heavy URL protection working?
The idea is, that you use BaDOS - which is L7 DDoS protection based on Machine Learning.And a heavy URL would a URL which the ML should consider specially, because a request to this URL would cause a high load on the pool member(s) and an attacker could consume all resources on the backend system with just a few requests. See this URL:&nbsp;https://clouddocs.f5.com/training/community/ddos/html/class7/bados/module2.html&nbsp;
You would need a web application that has a similar URL, for example SELECT * FROM a large database.Then you try a low and slow attack on this URL and see how BaDOS recognizes and mitigates such attack.
KRDaniel

Forum Discussion

Heavy URL Protection

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

Could not communicate with the system. Try to reload page.

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Related Content

L7 DoS Protection with NGINX App Protect DoS

F5 API Security: Discovery and Protection

Cookie-based DDoS protection

NGINX App Protect v5 Signature Notifications

Protecting gRPC based APIs with NGINX App Protect

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS