Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

F5 Bot defense Profile

Rahul_Rana
Nimbostratus
Nimbostratus

‎07-Apr-2021 09:08

Hi,

 

As I implement Bot defense profile in transparent mode . WAF start changing request URI and adding Query Parameter in URL. So why it adds Query Parameter and what is the use of these Query Parameter. Please find sample.

 

Actual APIs

https://www.g2.com/abc/CW

https://www.g2.com/abc/BE

 

After implementing Bot defense profile in transparent mode, it start adding Query Parameter and requested URI on application shows as:

 

https://www.g2.com/abc/CW?onComplete=hsyhs0dmpy&ajaxAction=0501010200&time=1617604605017

https://www.g2.com/abc/BE?onComplete=607ce3gu34&ajaxAction=0501010200&time=1617604390326

 

Please clarify this.

 

Labels:
0 Kudos
1 REPLY 1

Nikoolayy1
MVP
MVP

‎07-Apr-2021 13:07

I think this can be because of the Javascript fingerprint or the JavaScript challenge that the bot defence uses:

 

 

 

 

https://devcentral.f5.com/s/articles/proactive-bot-defense-using-big-ip-asm-25685

 

https://support.f5.com/csp/article/K19556739

 

 

0 Kudos
Copyright © 2023 Khoros, LLC