Bug ID 693663: Proactive Bot Defense sends CAPTCHA to the Firefox browser on iOS only in desktop mode

Last Modified: Nov 20, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3

Fixed In:
14.0.0, 13.1.0.4

Opened: Nov 09, 2017
Severity: 3-Major

Symptoms

When a request arrives from Firefox running on iOS in desktop mode and without TSPD_101 (proactive bot defense cookie). The big-ip respond with captcha challenge.

Impact

Firefox (iOS desktop mode only) end-user presented with captcha challenge.

Conditions

Dos profile attached to a virtual. Dos profile has application security enabled. Dos profile has proactive bot defense enabled.

Workaround

Increase proactive bot defense score. list sys db dosl7.browser_legit_min_score_captcha sys db dosl7.browser_legit_min_score_captcha { value "60" }

Fix Information

User agent parser has been changed (adjusted) for the Firefox browser running in desktop mode. The browser is detected as safari pc and the browser version is taken from Mac version number.

Behavior Change