Forum Discussion
CirrocumulusAWAF version 15.1.8.1 does not support Brute Force as one of the attacks for Delayed Blocking
Hi;
With Delayed Blocking, one of the attacks in the list of attacks that can be associated with delayed blocking is "Brute Force, maximum login attemps are exceeded"
For some reason, I cannot find this attack type in the list and I know it used to be there in previous versions of TMOS.
Kindly
Wasfi
I found out from F5 that this feature has been discontinued. It used to be there in versions 11 and 12.
4 Replies
- whisperer
MVP
Thought this was an option for application security access session tracking (APM) and preventing session hijacking and tracking user sessions (ASM).
Hi Wasfi,
Can you please check it here
ASM is going to check the failed login attempts here:
Please check the below link for more detail:
https://clouddocs.f5.com/training/community/waf/html/waf341/module1/lab1/lab1.html
Wasfi_BounniThe issue is that "Brute Force: Maximum Logins exceeded" is not there as an option as one of the associated violations for delayed blocking under sessions and logins. Although all other violations are in the available list.
- Wasfi_Bounni
I found out from F5 that this feature has been discontinued. It used to be there in versions 11 and 12.
