Forum Discussion
Jeremiah-Swanso
Nimbostratus
NimbostratusWeb Scraping Configuration
We would like some clarification on the F5 Web Scraping Application Security that we can't seem to find.
Does this block based on session or IP? If a bot is detected during the grace interval, a...
nathe
Cirrocumulus
CirrocumulusJeremiah,
I think you've found the answer in the tests but I would've said it was Session based, mainly because ASM uses TS cookies as part of its Web Scraping mitigation.
You're right about the Unsafe Period - the session is blocked for this amount of requests and then the grace period kicks in again to allow ASM to re-evaluate the requests. So, it looks like by resetting the session is a way back in.
I've just re-checked the GUI and noticed something I haven't seen before "Persistent Client Identification". Do you have this enabled? I wonder, from looking at the Help, whether this will store the client IP and then block on this, for the period configured. Worth a look I think.
If not then I can only recommend an iRule to respond to the ASM_VIOLATION event.
Hope thiis helps,
N