fix needed for ASM Web scraping attack

Does the URI follow a pattern of /teamworks/*? Have you added that as an allowed URL? Also could you share the details of the violation event? What does the User-Agent string look like? Are these requests coming in programmatically as the result of automated testing? Have you adjusted the thresholds for Web-Scraping detection, increased values for Bot Detection, Session Opening, and Session Transactions Anomaly?

Hi John buchanan,

Thanks for your answer.

I'm very new to this task

Please find my answer marked with bold for your questions

Does the URI follow a pattern of /teamworks/*? Have you added that as an allowed URL?

No (is this the way to allow ?Please suggest me i will do accordingly)

Also could you share the details of the violation event?

Yes. Please see the attachment

What does the User-Agent string look like?

Are these requests coming in pro grammatically as the result of automated testing?

Request are coming through the development application

Have you adjusted the thresholds for Web-Scraping detection, increased values for Bot Detection, Session Opening, and Session Transactions Anomaly?

No.These all item values are set by default values.And Please advise me what i have to adjust or Increase the value for Bot Detection, Session Opening, and Session Transactions Anomaly

Thanks, Anwar

Hi Anwar,

I would strongly suggest you to first read this SOL: Web Scraping in 12.0 just to understand what Web scraping does and how the different features (bot detection, session opening, etc.) work.

Then, there are several ways to deal with these false positives:

• Adjust the thresholds in the Web Scraping configuration
• Whitelist the IP addresses in the Web Scraping configuration if there are well known IP addresses
• Remove the blocking flag for this feature (the security policy will be weakened then)