Proactive Bot Defense Using BIG-IP ASM

Bots are everywhere.  Some of them are nice, desirable bots; but many of them are not.  By definition, a bot is a software application that runs automated tasks (scripts) over the Internet.  The desi...
Updated Jun 06, 2023
Version 2.0
ASM Advanced WAF
bot
security
lnxgeek's avatar
lnxgeek
Icon for MVP rankMVP
Jul 20, 2018

Hello Ivan

 

You are hitting the problem which is fixed by upgrading to the advanced ASM + mobile SDK.

 

Your issue as I see it (warning assumptions are being made :-) ) is that the mobile app doesn't handle the javascript challenge very well - it is not a browser so you can't assume that will work.

 

Take a look at this wiki page: https://clouddocs.f5.com/api/irules/BOTDEFENSE_ACTION.html

 

Here you can disable PBD for specific URL's based on whatever logic you like. If you can detect that it is the mobile app coming in by looking at headers etc. or other behaviours then use that to disable the PBD.

 

But the right solution will be to compile the app with the F5 SDK into it so it can answer the PBD challenge correctly. This will limit your attack surface and give the full feature set of ASM.

 

Hope this makes sense.