User gets blocking page instead of captcha during brute force attack

Question

Hello everyone,
I want to mitigate brute force captcha to Exchance OWA. However, user gets blocking page instead of captcha during brute force attack. Although I created brute force protection configuration as alarm and captcha mitigation, in the blocked request, I see that the reason for blocking page is brute force attack with alarm and blocking page mitigation. Have you encountered the same problem before or does anyone know what should be done in that case?&nbsp;
Some informations about my policy are listed below:&nbsp;
Brute force is configured with alarm and captcha mitigation.The only source configured is username.My login page is /owa/auth.owa.Authentication Type is HTML Form.Username Parameter Name is username and Password Parameter Name is password.Expected HTTP response status code is 302.F5 version is 14.0.0.2My security policy is created with Exchance 2016 template.
Best regards,
Canan&nbsp;

jacobcaballero · Answer

Hi Canan,&nbsp;
Fortunately, I am familiar with this issue. You need to qualify the URL as a login page. You must log into the command line and run the command: tmsh modify /sys db asm.cs.qualified_urls value /loginpage.mvc&nbsp;
This should fix your problem. Let me know if it works for you! &nbsp;

bobow · Answer

Hi Jacob,&nbsp;there is no impact on system?What the command if we want to revert back after do command "tmsh modify /sys db asm.cs.qualified_urls value /loginpage.mvc" ?&nbsp;Thanks

Forum Discussion

User gets blocking page instead of captcha during brute force attack

2 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

OWASP Automated Threats - CAPTCHA Defeat (OAT-009)

captcha not show after enable header security

Block traffic

domain blocking

Force BotDefense Captcha on Specified URL