Bug ID 746750

Bug Tracker
ID 746750

Bug ID 746750: Search Engine get Device ID challenge when using the predefined profiles

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1

Fixed In:
15.0.0, 14.1.0.2

Opened: Oct 12, 2018

Severity: 3-Major

Symptoms

When using one of the pre-defined profiles, "bot-defense-device-id-generate-after-access" and "bot-defense-device-id-generate-after-access", Search Engines might get Device ID challenges (and will most likely get blocked since cannot run JS)

Impact

Search Engines may be blocked.

Conditions

One of the pre-defined profiles ("bot-defense-device-id-generate-after-access" or "bot-defense-device-id-generate-after-access") are attached to vs, and a valid search engine sends requests.

Workaround

Change mitigation of "Trusted Bot" in the attached profile to "Alarm": 1. Go to Security ›› Bot Defense : Bot Defense Profiles ›› bot-defense-device-id-generate-after-access or Security ›› Bot Defense : Bot Defense Profiles ›› bot-defense-device-id-generate-before-access 2. Go to tab "Mitigation Settings" 3. For "Trusted Bot" choose "Alarm". 4. Save profile.

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips