IP Whitelist in DOS Profile

Question

Hello dears,
I'm observing a behavior where a whitelisted IP address (DOS profile) is being rate limited.
Version: 11.5.3 BigIP ASM
Have also tested in v12.1.1 and the outcome is the same. Only after configuring the IP in a second whitelist (ASM profile), the mitigation stops. Why does the IP whitelist in DOS profile exist if this setting alone does not stop the mitigation?
Configuration:
Security  ››  DoS Protection : DoS Profiles  ››  DoS Profile Properties
IP Address whitelist (Single /32 IP included)Source IP-Based Client Side Integrity Defense (CHECK)Source IP-Based Rate Limiting (CHECK)All other options (NO CHECK)
Event logs:
2016-09-15 14:36:01 Attack started DOS L7 attack Source IP-Based Client Side Integrity Defense x.x.x.x 5 tps 59198038
Reporting:
Dropped requests: 18

chris_grant · Answer

This sounds like a bug (though if route domains are involved, it may not be).  I would recommend opening a case with Support to investigate this.&nbsp;

Forum Discussion

IP Whitelist in DOS Profile

1 Reply

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 rSeries 4600 support 3rd Party SFP

no upload file .docx

F5 LACP

F5 BGP Peering in Active /Standby Cluster

AS3 Storage

Related Content

F5 BIG-IP Advanced WAF – "dos profile" reporting

F5 BIG-IP Advanced WAF – DOS profile configuration options.

Concept of F5 Device DoS and DoS profiles

DoS Profiles

L7 DoS Protection with NGINX App Protect DoS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS