For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

omar_padilla's avatar
omar_padilla
Icon for Altocumulus rankAltocumulus
Jan 22, 2020

help custom policy brute force attack asm!!

hello I have problems thinking about how to make a restriction for the search of a value, in a form I have a field called account number and a search button, you want to limit that search to only 3 a...
application delivery
ASM Advanced WAF
LTM
security
Dario_Garrido's avatar
Dario_Garrido
Icon for Noctilucent rankNoctilucent
Jan 22, 2020

Yes, you need to identify the user someway.

If you cannot do it with the email or another field in the form, I recommend you to modify the html to include a hidden field with information of the user (maybe cookie or something else).

 

Let me know if this helps.

 

KR,

Dario.

Dario_Garrido's avatar
Dario_Garrido
Icon for Noctilucent rankNoctilucent
Jan 23, 2020

BTW, if you only want to block attempts by source IP you can do it using an iRule (counting the number of attempts and include those source IPs in a blacklist).