For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Force BotDefense Captcha on Specified URL

Problem this snippet solves:

This iRule will force BotDefense to (if it hasn't already) throw up a captcha for a specified URL. This can be helpful when mitigating an attack or for general spam protection purposes.

How to use this snippet:

The iRule can be applied to any virtual server which has a BotDefense profile enabled in blocking mode.

Code :

when RULE_INIT {
  set static::forced_captcha_timeout 30
}

when BOTDEFENSE_ACTION {
  if {[string tolower [HTTP::path -normalized]] contains "my/path/string" && [BOTDEFENSE::cs_possible]} {
    if {[BOTDEFENSE::captcha_age] >= $static::forced_captcha_timeout} {
      BOTDEFENSE::action captcha_challenge
    }
  }
}

Tested this on version:

15.1
Published Mar 13, 2021
Version 1.0
ASM Advanced WAF
iRules
security
No CommentsBe the first to comment