Bug ID 450929: Dos attack detects URL although URL mitigation is not configured

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:

Opened: Mar 03, 2014

Severity: 3-Major


URL dos attacks may be detected, even if the URLs mitigation is not marked and detection criteria is not configured. A workaround can be to configure very high numbers at the URL detection criteria, and then un-mark the URL mitigation.


False detection of DoS attack.


This can occur if you have only an IP based rate limit.


A possible workaround would be to set higher value for the URL detection criteria (check a url mitigation to make the detection criteria visible in the GUI, change the values and uncheck it back).

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips