F5 Bot defense Profile

Question

Hi,&nbsp;As I implement Bot defense profile in transparent mode . WAF start changing request URI and adding Query Parameter in URL. So why it adds Query Parameter and what is the use of these Query Parameter. Please find sample.&nbsp;Actual APIshttps://www.g2.com/abc/CWhttps://www.g2.com/abc/BE&nbsp;After implementing Bot defense profile in transparent mode, it start adding Query Parameter and requested URI on application shows as:&nbsp;https://www.g2.com/abc/CW?onComplete=hsyhs0dmpy&amp;ajaxAction=0501010200&amp;time=1617604605017https://www.g2.com/abc/BE?onComplete=607ce3gu34&amp;ajaxAction=0501010200&amp;time=1617604390326&nbsp;Please clarify this.&nbsp;

nikoolayy1 · Answer

I think this can be because of the Javascript fingerprint or the JavaScript challenge that the bot defence uses:

https://devcentral.f5.com/s/articles/proactive-bot-defense-using-big-ip-asm-25685

https://support.f5.com/csp/article/K19556739

Forum Discussion

F5 Bot defense Profile

1 Reply

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

About Bot Defense can't display

BoT Defense Traffic Analytics Tab

Bot defence profile on F5 ASM

Proactive Bot Defense Bypass by Bot Signature

OWASP Tactical Access Defense Series: How BIG-IP APM Strengthens Defenses Against OWASP Top 10