How to easily protect your BIG-IP applications using F5's Distributed Cloud Bot Defense with iApps
This article assumes that you have access to the F5 Distributed Cloud and you are using BIG-IP version 14.1 to 16.x
If you have BIG-IP version 17.0 and wish to use the Native SaaS Service click here.
Log in to your tenant dashboard. You should now see a new tile called Bot Defense.
Click on the Bot Defense tile. You are presented with the following screen:
Verify the correct "Namespace" in the upper left and then click on “Add Protected Application.”
The following screen appears, and you need to supply the highlighted information:
- Connector Type
Click Save and Exit.
Back in the Bot Defense management space, select the application you just created by clicking the … dots, and then Download the template file, saving it where you can access it when configuring your BIG-IP.
Now we will switch to your BIG-IP where your application is protected and hosted. For this iApp template to work, you need to be on version 14.1 up to 16.x. F5 has made this Bot Defense native as a SaaS service in version 17.0. Covered in this article.
Select iApps, Templates and Import the template you downloaded from the F5 XC Bot console.
Next select iApps, Application Services and Select Create.
Give your application a name, select the template you installed and click Finished.
In the following sections I have highlighted sections I want to call out. In addition, another article will be devoted to all the knobs and widgets on this page. I am just discussing the minimum to easily deploy F5 XC Bot Defense.
In the JS Injection Configuration section you have fine controls over where and when you inject JS. You need to decided if you are going to have the BIG-IP handle the JS injections. If so, the path or URL, the locations, whether to Inject Telemetry and what pages to include or exclude.
Next is the Shape Endpoints Configuration. This is where you decided what endpoints you want to protect from automated bots. You supply the host, url or path, the method and the mitigation you desire, continue, redirect, block or drop. These pages typically are login pages.
Next is the Shape ISTL Endpoint Configuration. This is used to protect from web scraping type of attacks. Again you supply the host, path the methods, generally GET, and the mitigation action.
In page two, you see your unique API request setting that the iApp has populated and you now select what virtual server you are going to apply the iApp and configuration against.
When configured click “Finished”
Below is an example of a demo configuration.
That is how simple and quickly you have protected your application with F5's XC Bot Defense. Next we will switch back to the F5 XC Dashboard and see the mitigation taking place.
Navigate to Bot Defense, Overview, Monitor..
As you can see, F5's XC Bot Defense was able to successfully stop bot attacks from the endpoints you protected. You are able to see the Countries, the endpoints and the action, along with the number of bots versus human traffic.