Forum Discussion

Nimbostratus

Mar 15, 2023

ASM Brute Force Protection feature inserts the script to response headers. How it may be removed?

Hello, We have faced with a problem, when Brure Force Protection feature inserts the script to response header. I have pasted the script below. The fact is that script is inserted for each applicati...

brute force

security

Daniel_Wolf

MVP

Mar 17, 2023

Hi SerhiiR,

this looks like Device ID is enabled in your bot defense profile. Can you verify?
For Login Page protection you can use Device ID, I'd even recommend to use it. But in case it causes an issue with your application, you may either debug why your app has a problem with sideband loading of JS or just switch the Device ID feature off.

KR
Daniel

SerhiiR

Nimbostratus

Mar 20, 2023

Hello Daniel,

Thank you for the recommendation. But we do not have the bot defense profile at all. From the Brute Force Protection configuration, the device ID is switched to Never Trigger.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)