ErkkiS_295148
Sep 28, 2017

f5 asm login pages / brute force detection header value

Hello,

I am trying to configure brute-force prevention and login pages. I have a header value that is set when the login fails on the specified login URL: "login-failed: true".

When the login succeeds, there is no header like "login-failed: false" or "login-successful: true".

The problem is that the signon page is used for many different apps and this is the only thing that is in common for them all when the login fails.

It seems the "String that should not appear" is only scanning for body text, so detecting failed logins is not working.

Is the only way to make this work to tell the application guys to add a "login-failed: false" or "login-successful: true" header?

1 Reply

  • The application would need to have a header or string that signified a successful login for you to be able to use a header. We support the use of a header to signify success, but not to signify failure. We tend to assume failure until shown success. You can always open a support case and make a Request For Enhancement (RFE). We can send that to PD and request this feature, but can't guarantee when it might be implemented (or even if).