Forum Discussion

Cirrus

Apr 27, 2020

No CAPTCHA - URL is not yet qualified for challenge injection

Hi, I am setting up Brute Force protection in ASM and have noted that I can get this drop traffic and alert, but when attempting to show the CAPTCHA, I only get the blocking page we have config...

Employee

May 04, 2020

Does your /LoginHere.aspx contain HTML tag in response?

It must include HTML tag to be qualified. If this is so, then you need to send 10 requests to /LoginHere.aspx (no need to login), after that URL should be qualified for challenge injections.

Thanks, Ivan

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

No CAPTCHA - URL is not yet qualified for challenge injection

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

Connection Rate Limit with log output

syslog over tcp and define management IP as source

Managing iRules configuration

Recommendation for Adv. Lab

Related Content

LLM Prompt Injection Detection & Enforcement

Logging/Blocking possible prompt injection

WAF evasion techniques for Command Injection

Serverside SNI injection iRule

Mobile Security: Current Challenges & A Vision For The Future

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS