Forum Discussion

Altocumulus

Sep 10, 2021

OTP Flood Attack mitigation

We have application which is sitting behind our F5 WAF, where application receiving high voulme of OTP request on server to generate OTP SMS by attacker. People receiving unwanted OTP message on thei...

ASM Advanced WAF

BIG-IP Access Policy Manager (APM)

security

ragunath154

Cirrostratus

Sep 14, 2021

use the Microservice feature under bot profile.

https://support.f5.com/csp/article/K42323285#sect3

either use the predefined Treat protection like login Protection,Search Protection etc or

use Custom Microservice Protection

set a proper threshold under automate threat detection and mitigation action .

other way create custom signature or bot signature which matches the attacker user agent (if it is something fissy)

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

OTP Flood Attack mitigation

Recent Discussions

Management IP F5 cant be accessed

ASD

Big-IP VE edition for MacBook M4 Chip

301 redirect and waf policy log problem

Background Tasks

Related Content

Cyber Security Attack Mitigations with BIG-IP features

HTTP Post Flood mitigation with LTM

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Mitigating OWASP Web Application Risk: SSRF Attack using F5 XC Platform

Mitigating OWASP Web Application Risk: Broken Access attacks using F5 Distributed Cloud Platform

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS