Forum Discussion
Simon_Blakely
Oct 15, 2017Employee
With ASM or AFM you can use Dos Profile settings...
Security ›› DoS Protection : DoS Profiles ›› Create New DoS Profile...
Application Security ›› TPS-based DoS Detection
TPS reached: xxx transactions per second
You will need to experiment to determine appropriate values for these settings. If you enable DeviceID in your ASM policy, the client must support Javascript, and may be blocked if it does not do so (even for a policy in Alarm only or Transparent mode). You should also establish a baseline of acceptable traffic levels before trying to exceed TPS detection.
ASM Webscraping protection may also be of value ...
Security ›› Application Security : Anomaly Detection : Web Scraping