Forum Discussion

Nimbostratus

Oct 14, 2019

Linux (Kali) found our application hosted behind F5

We want to stop display of banner name of F5 to any WAF detection tools , as during VAPT it was seen that wafw00f (A WAF detection Tool) is able to find out our WAF name through our application. ...

ASM Advanced WAF

BIG-IP Access Policy Manager (APM)

security

boneyard

MVP

Oct 14, 2019

APM isn't really a WAF, it is an authentication module.

and trying to stop APM from getting detected will be impossible in my opinion. the whole setup with the my.policy and such is hard coded, the login page contains lots of finger printable information.

you will need to do some extreme things to make this happen, i wouldn't pursue it. just keep your BIG-IP updated and keep an eye out for security alerts.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Linux (Kali) found our application hosted behind F5

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Introducing the F5 Application Study Tool (AST)

System Prerequisites for Deploying the Application Study Tool

Kali Purple, Linus Tech Tips, SDR - March 18th - 24th, 2023 - F5 SIRT - This Week in Security

Application Study Tool: Make Grafana Listen on HTTPS

Application Study Tool: Bring your own Prometheus

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS