Forum Discussion
NimbostratusiRule to enable specify bot Defense profile
I wanna to create irule to enable specify bot Defense profile for specify host,
Are the script below correct? please comments.
irule for bot defense
===================
when HTTP_REQUEST {
switch [string tolower [HTTP::host]] {
"hrweb.abc.om" {
ASM::enable "/Common/hrweb_SecPolicy"
BOTDEFENSE::enable "/Common/hrweb-bot-defense"
pool hrweb_pool
log local0. "hrweb_pool selected"
}
"Infra.abc.com" {
ASM::enable "/Common/infa_SecPolicy"
BOTDEFENSE::enable "/Common/infa-bot-defense"
pool infa_pool
log local0. "infa_pool selected"
}
}
}
6 Replies
- Juergen_Mang
MVP
You can not switch the Bot Defense profile: https://clouddocs.f5.com/api/irules/BOTDEFENSE__enable.html.
BOTDEFENSE::enable accepts no arguments.
ghcheeHi Juergen,
Do you mean i need to create the separeate irule for ASM policies and BOTDEFENSE profile as below?
Can provide an example?irule for bot defense (e.g.)
=======================
when HTTP_REQUEST {
if {[HTTP::host] starts_with "hrweb.abc.om"} {
BOTDEFENSE::enable "/Common/hrweb-bot-defense"
} else {[HTTP::host] starts_with "Infra.abc.com"} {
BOTDEFENSE::enable "/Common/Infra-bot-defense"
}
}
- zamroni777
you can use gui based traffic policy instead of irule scripting
- ghchee
Hi Zamroni,
Can i keep existing irule for ASM policies for specific host,
and use local policy for BOTDEFENSE for specific host?- zamroni777
irules can be assigned to virtual server along side with traffic policy, but not as juergen wrote, botdefense::enable doesnt have parameter for profile selection
https://clouddocs.f5.com/api/irules/BOTDEFENSE__enable.html
