Forum Discussion
How does ASM's dos strategy return the interception response page
How does ASM's dos strategy return the interception response page? Is it possible to achieve DoS protection for behavioral and stress-based interception and return to the response page through irules?
Hi longyuan,
Behavioral DoS is much more effective against mitigating multi-vector Layer 7 DoS attacks.
Stress-based DoS is better at defining specific rate limits.
Technically it is possible to configure both protections concurrently, complementing each other.
From experience I recommend against configuring both of them together. BaDOS alone is fine, it works reliable. Setting threshold values for for stress-based mitigation can be cumbersome and is error prone.
Details about the mitigation methods can be read here:
https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-implementations-14-1-0/preventing-dos-attacks-on-applications.html
KR
Daniel
- longyuanAltostratus
How to set the intercept response page for dos attack?
There in no response page you can configure, attackers will get a TCP reset.
See here: K04550557: Overview of BIG-IP ASM blocking response
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com