Set Proactive Bot Defense policy to disabled

Question

Hello,
I need a help to understand the way to turn off a bot defense on my policy and/or to make the bot scripts to run correctly. (BIG-IP 13.0.0. HF3)&nbsp;
A virtual server with a custom DOS profile attached, having both "Proactive Bot Defense" and "Bot Signatures" in "Off", are sending challenge scripts to the browsers.&nbsp;
I realize in event logs, that a builtin policy "/Common/asm-hidden/dos-hidden" overrides those options desired and keeps "On" bot checking, because I can found challenges sent registered in that event logs by this policy.&nbsp;
To make it worse, those challenge scripts keeps pages as blank and users need to reload the page to go ahead.&nbsp;
To disable this bot defense awhile, I removed both ASM em DOS policy from virtual server.&nbsp;
So, is this security policy "hidden" an expected behavior on bot defense?
What is the right way to disable or to make scripts to run correctly on browsers?&nbsp;
Thank you.&nbsp;

suttonsc · Answer

Are there any security analytics profiles applied to the virtual server, specifically with collect-all-dos-statistic enabled?&nbsp;

Forum Discussion

Set Proactive Bot Defense policy to disabled

1 Reply

Recent Discussions

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

Related Content

Proactive Bot Defense Using BIG-IP ASM

AppSec Made Easy: Proactive Bot Defense

Bot Management Strategy - Defense against malicious bots with F5 Distributed Cloud Bot Defense

Bot Defense for Mobile Apps in XC WAAP Part 1: The Bot Defense Mobile SDK

Proactive Bot Defense Bypass by Bot Signature