IP Whitelist in DOS Profile

Question

Hello dears,
I'm observing a behavior where a whitelisted IP address (DOS profile) is being rate limited.
Version: 11.5.3 BigIP ASM
Have also tested in v12.1.1 and the outcome is the same. Only after configuring the IP in a second whitelist (ASM profile), the mitigation stops. Why does the IP whitelist in DOS profile exist if this setting alone does not stop the mitigation?
Configuration:
Security  ››  DoS Protection : DoS Profiles  ››  DoS Profile Properties
IP Address whitelist (Single /32 IP included)Source IP-Based Client Side Integrity Defense (CHECK)Source IP-Based Rate Limiting (CHECK)All other options (NO CHECK)
Event logs:
2016-09-15 14:36:01 Attack started DOS L7 attack Source IP-Based Client Side Integrity Defense x.x.x.x 5 tps 59198038
Reporting:
Dropped requests: 18

chris_grant · Answer

This sounds like a bug (though if route domains are involved, it may not be).  I would recommend opening a case with Support to investigate this.&nbsp;

Forum Discussion

IP Whitelist in DOS Profile

1 Reply

Recent Discussions

F5 Rseries R2600 Tenant sizing

About AWAF "Redirect URLs" in "Responses and Blocks"

ISP Bandwidth Utilization

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Related Content

DoS Profiles

Concept of F5 Device DoS and DoS profiles

Doing mTLS Authentication per URL

L7 DoS Protection with NGINX App Protect DoS

DOS Profile automatic threshold