cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Bot defense block false Positive

Hoang_Hung
Altostratus
Altostratus

Hi all

I had configurated Bot defense policy on BIG-IP version 15.1.0.4. After I had applied to block. all requests to the webserver with status blocking.

I don't understand why it blocks.

Please explain help me

Setting policy and Browser Verification : Challenge-Free Verification

0691T000009jCxCQAU.png 

log block

 

0691T000009jCxqQAE.png 

 

Thanks

Hung Hoang

1 REPLY 1

Ivan_Chernenkii
F5 Employee
F5 Employee

Hello Hung,

 

This block is not related to bot mitigation settings. It is related to Browsers verification.

It seems that in browser you send request to not Qualified to Injection URL.

In general, to make URL qualified, you need to get 10 server responses with html tag OR you can manually make URL always qualified by dosl7.cs_qualified_urls sys db - e.g. "modify sys db dosl7.cs_qualified_urls value /1.html,/*php"