‎21-May-2021 03:49
Can anyone help me with this issue 😊 regarding blocking DoS attack because It seems that it is not blocking the actual attack and accepting it that cause my webapp loading slowly. It's weird that in my event DoS log the Action is set as(Accept) but in my Dashboard the attack is blocked and when I tried to access my webapp it is loading slowly means it is not blocking the attack. Please see the attached screenshots.
Thank you and God Bless,
Renato
Solved! Go to Solution.
‎22-May-2021 05:53
Hi Renato,
The DoS (together with other AFM policies) can be a bit complex to easily say why something happened/didn't happen, so here are some tips to investigate the issue further;
Lastly, a very useful tool for understanding which policy is impacting what traffic, is the Packet Tester, under Security - Debug - Packet Tester. This will also differentiate between the Firewall, IPI and DoS policies.
Hope this helps.
‎22-May-2021 05:53
Hi Renato,
The DoS (together with other AFM policies) can be a bit complex to easily say why something happened/didn't happen, so here are some tips to investigate the issue further;
Lastly, a very useful tool for understanding which policy is impacting what traffic, is the Packet Tester, under Security - Debug - Packet Tester. This will also differentiate between the Firewall, IPI and DoS policies.
Hope this helps.
‎22-May-2021 06:41
Hi Sir Alex,
Thanks for the tips, I tried your suggestion to configure my IP Intelligence but its still not working. It doesn't blocked the IP of the DoS user i 'don't know if im missing something but you can check my configuration in screenshots, And also sir i encountered weird scenario that my DoS attack doesn't show on my DoS log events/Dos Dashboard.
Thanks,
Renato