Forum Discussion

sachin_80710's avatar
sachin_80710
Icon for Nimbostratus rankNimbostratus
Jun 04, 2015

ASM login url validation header name and value (BruteForce)

Hi Team,

 

We are trying to configure bruteforce attack detection, but unable to understand how to configure login page url validation header name and value. we would like to validate based on location URL. for that we tried below option

 

Location: https://xyz.com/abc "Location: https://xyz.com/abc" "Location" = "https://xyz.com/abc" "Location"="https://xyz.com/abc" "location" equals "https://xyz.com/abc"

 

but these are not working. Any f5 documents also dont have single example for this.

 

Thanks, Sachin

 

1 Reply

  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus

    I've tested this (very crudely) and just entered in:

     

    Connection Keep-Alive

     

    No quotes, or colons and a space between the header and value.

     

    This worked for me.

     

    In your case it might be

     

    Location https://xyz.com/abc

     

    I'd checked the output of curl, or httpfox to confirm the Location header/value - as I imagine you have.

     

    Hope this helps,

     

    N