Forum Discussion
saidshow
Apr 28, 2020Cirrus
No CAPTCHA - URL is not yet qualified for challenge injection
Hi, I am setting up Brute Force protection in ASM and have noted that I can get this drop traffic and alert, but when attempting to show the CAPTCHA, I only get the blocking page we have config...
Erik_Novak
May 05, 2020Employee
Before brute force mitigation will be applied, ASM must see at least 10 responses in 5 minutes from the back-end application with a Content-Type header of text/html and a response code of 200. If you run this TMSH command you should see the list of all Qualified URLS: <tmsh list sys db dosl7.cs_qualified_urls>
- Nikoolayy1Dec 30, 2023MVP
I needed to qualify urls also for captcha and from my tests the variable works but it is for manually to add urls as dynamicly added qualified urls will not be seen in this variable as they are probably saved in memory.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects