Forum Discussion

davidfisher's avatar
davidfisher
Icon for Cirrus rankCirrus
May 26, 2019

DOS profile blocks postman query and nothing shows in logs

Hi DEVs!

 

I am running 13.1.0.7.

 

When using postman to test a ldap auth, I get an error "required javascript" along with a support ID.

 

This only happens when enabling the dos protection profile - general and if I disable dos protection then the request works fine.

 

 

When I run the support id through the application - requests in asm I get no matches.

 

I have also tried with a new logging profile as below with local logging and enabled dos and asm logging there.

 

 

When I look for any events in security - dos - application even, everything is blank there.

 

Am I hitting some bug behavior here?

 

Also do the support IDs in ASM have any categories? For eg do IDs starting with 8 belong to DOS protection engine and not to ASM engine??

 

Thanks.

LTM
security

4 Replies

Sort By
  • Simon_Blakely's avatar
    Simon_Blakely
    Icon for Employee rankEmployee
    May 26, 2019

    The dos profile is inserting a javascript challenge into the response - if the client does not support javascript (like Postman), you see the HTML text containing that message.

     

    Although this may just be an issue with the Postman response preview ...

     

    Disable any features in the DoS profile that rely on Javascript

    - Proactive Bot Defense

    - Client Side Integrity Defense

     

    • davidfisher's avatar
      davidfisher
      Icon for Cirrus rankCirrus
      May 27, 2019

      I should have added above.

       

      • Why is there no log for the support id being generated
      • And also the dos events logs tab is completely blank.

       

  • Simon_Blakely's avatar
    Simon_Blakely
    Icon for Employee rankEmployee
    May 27, 2019

    Do you have Bot Defense set up in the logging profile associated with the virtual.

    And you need to turn on Log Challenged Requests

     

    Have you enabled Dos Protection in the logging profile?

  • davidfisher's avatar
    davidfisher
    Icon for Cirrus rankCirrus
    May 30, 2019

    Yeah logging for dos bot defense was disabled, I enabled it and disabled the bot defense altogether.

     

    Thanks!