Bug ID 900793: APM Brute Force Protection resources do not scale automatically

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,, 14.1.0,,,,,, 14.1.2,,,,,,, 15.0.0, 15.0.1,,,, 15.1.0,,,,, 16.0.0,

Fixed In:
16.1.0, 16.0.1,,,,

Opened: Apr 17, 2020
Severity: 3-Major
Related Article:


Under certain conditions, resources for Brute Force Protection must be manually scaled by administrators to provide full protection.


Administrators must manually change the hash size upon need instead of relying on the automatic configuration.


-- Many virtual server (hundreds) that have web application protection with brute force protection enabled. -- Numerous failed login requests coming to all virtual servers all the time.


Set the internal parameter external_entity_hash_size to 0 to allow automatic recalculation of the correct value.

Fix Information

Brute Force Protection resources are now scaled automatically based on available system resources.

Behavior Change