Set Proactive Bot Defense policy to disabled

Hello, I need a help to understand the way to turn off a bot defense on my policy and/or to make the bot scripts to run correctly. (BIG-IP 13.0.0. HF3)

 

A virtual server with a custom DOS profile attached, having both "Proactive Bot Defense" and "Bot Signatures" in "Off", are sending challenge scripts to the browsers.

 

I realize in event logs, that a builtin policy "/Common/asm-hidden/dos-hidden" overrides those options desired and keeps "On" bot checking, because I can found challenges sent registered in that event logs by this policy.

 

To make it worse, those challenge scripts keeps pages as blank and users need to reload the page to go ahead.

 

To disable this bot defense awhile, I removed both ASM em DOS policy from virtual server.

 

So, is this security policy "hidden" an expected behavior on bot defense? What is the right way to disable or to make scripts to run correctly on browsers?

 

Thank you.