Bug ID 693451: Proactive Bot Defense has false positive selenuim detection for UCBrowser

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Fixed In:
14.0.0

Opened: Nov 08, 2017
Severity: 3-Major

Symptoms

Proactive Bot Defense reports about selenium detection and blocks legitimate users of UCBrowser.

Impact

Legitimate UCBrowser user blocked or presented with captcha challenge.

Conditions

1. ASM or DoS Provisioned. 2. DoS Application profile assigned to a virtual server. 3. Proactive Bot Defense and Block suspicious browsers sections are enabled in the DoS Application profile configuration.

Workaround

Disable Proactive Bot Defense or change browser_legit_min_score_drop sys db to be higher value. list sys db dosl7.browser_legit_min_score_drop sys db dosl7.browser_legit_min_score_drop { value "120" }

Fix Information

Fixed clientside userAgent parser, after the fix the userAgent parsed correctly as UCBrowser and selenuim tests are done accordingly.

Behavior Change