Bug ID 974425: Legitimate clients using new browsers might get mitigated by Bot Defense Profile

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,, 15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,, 16.0.0,, 16.0.1,,

Fixed In:

Opened: Dec 16, 2020
Severity: 4-Minor


As part of Bot Defense Profile browser verification, client capabilities are tested, and if they do not match what is expected, they are mitigated. Some new browser versions exist that do not apply the current expected capabilities.


Legitimate clients are mitigated.


-- Bot Defense Profile is attached to a virtual server. -- Browser Verification is set to 'verify before access' or 'verify after access'. -- Client is using a new browser version.



Fix Information

Update expected capabilities.

Behavior Change