Bug ID 450929: Dos attack detects URL although URL mitigation is not configured

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:

Opened: Mar 03, 2014
Severity: 3-Major


URL dos attacks may be detected, even if the URLs mitigation is not marked and detection criteria is not configured. A workaround can be to configure very high numbers at the URL detection criteria, and then un-mark the URL mitigation.


False detection of DoS attack.


This can occur if you have only an IP based rate limit.


A possible workaround would be to set higher value for the URL detection criteria (check a url mitigation to make the detection criteria visible in the GUI, change the values and uncheck it back).

Fix Information


Behavior Change