Bug ID 422511: Crash of bd process when an HTTP Class is deleted during a Web Scraping attack

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:

Fixed In:
11.3.0 HF6

Opened: Jun 03, 2013

Severity: 3-Major


A crash of the bd process (the ASM enforcer) occurs when deleting an HTTP Class that has an ongoing Web Scraping attack. This happens if during a Web Scraping attack, the HTTP Class is detached from all Virtual Servers and immediately deleted. The crash happens about two minutes later.


Crash and restart of the ASM enforcer; traffic may be held during the restart, or a fail-over event may occur.


HTTP Class with ASM Policy that has Web Scraping enabled. Will happen only if deleting an HTTP Class with on ongoing Web Scraping attack.


Before deleting an HTTP Class, make sure that it does not have any ongoing Web Scraping attacks using the GUI page Security >> Event Logs : Application : Web Scraping Statistics. If an attack is ongoing, wait until it has ended. The attack should stop a few minutes after detaching the HTTP Class from all the Virtual Servers.

Fix Information

The Enforcer no longer crashes when an HTTP Class, that had an ongoing web scraping attack, was deleted from the configuration.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips