Forum Discussion

sunny123's avatar
sunny123
Icon for Nimbostratus rankNimbostratus
Sep 01, 2021

F5 blocking my webpage that works as monitor of Sites hosted behing F5

Hi Guys,

we recently enable ASM module on F5 in evualtion/learning mode only and we have one website that is hosted behind the F5 lTM . Once the ASM module is activated my customer web site hosted in a different data center in Azure cannot get thought F5. this website acts as a web monitor and every 5 min it is monitoring the site hosted being the F5. I get a blank page which looks like this. My web monitor is doing HTTP web request and sometimes this happens. Ther is no disturbance of the site hosted in LTM pools.

In my google Serach it relieves the problem might be in ASM module trying to block. Can you guys provide some pointer how to resolve this issue.

 

<!DOCTYPE html>

<html><head>

<meta http-equiv="Pragma" content="no-cache"/>

<meta http-equiv="Expires" content="-1"/>

<meta http-equiv="CacheControl" content="no-cache"/>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

<link rel="shortcut icon" href="data:;base64,iVBORw0KGgo="/>

 

<script>

 

(function(){

window["bobcmn"] = "11111011101010200000002200000005200000000289895ae4200000096300000000300000000300000006/TSPD/300000008TSPD_101300000005https3000000b0081b93fe10ab20006f0e8f1c61960cb6df13226d973e4b69e019690083a6fd29acdda2b6f1b2f5dd0805bbb5290a280019bbf7f5e3c12d280528f7ff9915458e1d0c71804c667eac9e06aa4ea740e68a5b754f765c6ef008200000000200000000";

 

Regards

Sunil

application delivery
asm
ASM Advanced WAF
bot
LTM
waf

1 Reply

Sort By
  • samstep's avatar
    samstep
    Icon for Cirrocumulus rankCirrocumulus
    Sep 14, 2021

    Obviously you have an F5 ASM configured with Bot Defence - it stops bots (including your monitoring website/script ) from getting through to the backend server because the requests are sent by a script/bot and not a human.

     

    ASM Bot protection works by injecting a piece of encrypted JavaScript into the responses and this JavaScript detects things like mouse moves and keyboard strokes. A real human behind a web browser will be moving the mouse and typing on the keyboard during the session, a robot just send an automated HTTP requests.

     

    If you want your monitoring website not to get blocked then you should configure the Bot Defense whitelist, documented here:

     

    https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-implementations-14-1-0/configuring-bot-defense.html