Bug ID 753923: Detected Web Scraping negative enforcement prevent human state even when they are disabled

Last Modified: Jan 29, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Opened: Dec 21, 2018
Severity: 4-Minor

Symptoms

The negative enforcement within the Bot Detection (Web Scraping) feature could prevent a human state from being detected even after disabling the negative enforcement using the Internal Parameter. Disabling the negative enforcement is done via Internal Parameter: /usr/share/ts/bin/add_del_internal add ws_cshui_susp_event_bot_score 0 bigstart restart asm

Impact

Some web clients may get blocked due to this anomaly.

Conditions

- Bot Detection (Web Scraping) is enabled on the ASM Security Policy - Rare hardware on the client is used which causes negative enforcement to be detected - Negative enforcement is disabled via ASM Internal Parameters

Workaround

None

Fix Information

None

Behavior Change