Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

F5 Bot defense Profile

Rahul_Rana
Nimbostratus
Nimbostratus

Hi,

 

As I implement Bot defense profile in transparent mode . WAF start changing request URI and adding Query Parameter in URL. So why it adds Query Parameter and what is the use of these Query Parameter. Please find sample.

 

Actual APIs

https://www.g2.com/abc/CW

https://www.g2.com/abc/BE

 

After implementing Bot defense profile in transparent mode, it start adding Query Parameter and requested URI on application shows as:

 

https://www.g2.com/abc/CW?onComplete=hsyhs0dmpy&ajaxAction=0501010200&time=1617604605017

https://www.g2.com/abc/BE?onComplete=607ce3gu34&ajaxAction=0501010200&time=1617604390326

 

Please clarify this.

 

1 REPLY 1

I think this can be because of the Javascript fingerprint or the JavaScript challenge that the bot defence uses:

 

 

 

 

https://devcentral.f5.com/s/articles/proactive-bot-defense-using-big-ip-asm-25685

 

https://support.f5.com/csp/article/K19556739