Forum Discussion
NimbostratusIrule to bypass ASM Web Scraping
Hi all,
hoping someone may be able to assist we have a web monitoring tool traffic that is being blocked as Web Scraping ( Far too many source IP addresses for whitelisting) is it possible to create an Irule that interrogates a cookie and bypasses Web Scraping detection..
Not quite sure if or how this could be done would appreciate any assistance.
Regards
Paul
3 Replies
HamishCirrocumulus
Sure.
The ASM docs have an example iRule that disables ASM processing on a whitelisted set of IP addresses (Kept in a DataGroup). It should be relatively easy for you to alter that iRule to disable on cookies instead (Hint. Change the line that says
if {[matchclass [IP::client_addr] equals bypass_asm_class]}{The ASM docs for ASM::disable are at https://clouddocs.f5.com/api/irules/ASM__disable.html
Lee_SutcliffeNacreous
Looks like the docs need updating.. matchclass is deprecated
https://clouddocs.f5.com/api/irules/matchclass.html?highlight=matchclass
EmadCirrostratus
This might help.
when ASM_REQUEST_DONE { if { [HTTP::cookie exists "cookie-name"] and [ASM::violation count] < 2}{ if {[ASM::violation attack_types] equals "ATTACK_TYPE_WEB_SCRAPING" }{ ASM::unblock } } }
