Forum Discussion

natethegreat_23's avatar
Icon for Nimbostratus rankNimbostratus
Mar 12, 2018

Is there a way to have Proactive Bot Defense in Transparent mode (v12)?

I am working on a new DoS profile and would like to not have it block requests but alert on them so I can get a good idea of what configuration tweaks I need to make. Is there any way to only have it alert when it normally would block/CAPTCHA a request that it sees? The current ASM policy is in blocking mode and I would like to keep it that way while the DoS profile is being "tested". Thank you!


2 Replies

  • As of today on v12, PBD does not natively log, nor can you set it in transparent mode. Therefore you can't see what it blocks or even know that it blocked something without a logging irule.


    PBD is a very immature feature that requires much development before it is ready for prime time.


  • CAPTCHA and other injection-based mitigations can be logged when they are triggered. But there isn't any concept of staging for them as there is on the security policy side. However, if you are using Proactive Bot Defense, then you are also using bot signatures. For bot signatures, you can choose to Report, Block, or do nothing.