Bug ID 900793: APM Brute Force Protection resources do not scale automatically

Last Modified: Jul 12, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 16.0.0, 16.0.0.1

Fixed In:
16.1.0, 16.0.1, 15.1.0.5, 15.0.1.4, 14.1.2.7, 13.1.3.5

Opened: Apr 17, 2020
Severity: 3-Major
Related AskF5 Article:
K32055534

Symptoms

Under certain conditions, resources for Brute Force Protection must be manually scaled by administrators to provide full protection.

Impact

Administrators must manually change the hash size upon need instead of relying on the automatic configuration.

Conditions

-- Many virtual server (hundreds) that have web application protection with brute force protection enabled. -- Numerous failed login requests coming to all virtual servers all the time.

Workaround

Set the internal parameter external_entity_hash_size to 0 to allow automatic recalculation of the correct value.

Fix Information

Brute Force Protection resources are now scaled automatically based on available system resources.

Behavior Change