inter84_376679
Nov 11, 2018Nimbostratus
Bruteforce configuration issue with x-www-urlencoded
Hello,
We have the following brute-force configuration issue with the x-www-urlencoded application content-type, on our: BIG-IP Version 13.1.1
We have a login page test-app.domain.co.il/login which POSTS to test-api.domain.co.il/Token
Headers are (not working request, and essentially an issue itself):
And the invalid username or password response header looking like this:
While testing with the Postman using "form-data" request, the F5 successfully catches and blocks the brute force request. The Postman request itself (working request):
At the Brute-force configuration we have tried the “JSON/ AJAX Request” and the “HTML form” methods, but with no luck..
We will appreciate any help.
Thanks!