Manual Chapter : Configuring general properties for an anti-fraud profile

Applies To:

Show Versions Show Versions

BIG-IP ASM

  • 15.0.0
Manual Chapter

Configuring general properties for an anti-fraud profile

Configure general properties for an anti-fraud profile to ensure proper protection of your web site.
If you are creating a mobile security anti-fraud profile, the instructions in this section are not relevant and you should follow the instructions in the section on creating an initial mobile security anti-fraud profile.
  1. On the Main tab, click
    Security
    Fraud Protection Service
    Anti-Fraud Profiles
    .
    The Anti-Fraud Profiles screen opens.
  2. Click the down-arrow next to the
    Create
    button.
    A pop-up appears with preset options for the anti-fraud profile.
  3. Click
    Create
    in the pop-up if you want to use the default preset options, or select/unselect preset options according to the type of profile you want to create and then click
    Create
    .
    Do not select
    Mobile-oriented URL presets
    unless you are creating a mobile security anti-fraud profile. If you are creating a mobile security anti-fraud profile, follow the instructions in the section on configuring a mobile security anti-fraud profile.
    The Anti-Fraud Profile Properties screen opens.
  4. Select the
    Customize All
    check box.
  5. In the
    Profile Name
    field, type a unique name for the profile.
  6. From the
    Parent Profile
    list, choose which parent profile you want to base your profile on.
    • All undefined properties in the profile you are creating will be inherited from the parent profile. And any future changes to those properties in the parent profile will be automatically inherited by the profile you are creating.
    • The following properties from the parent profile are not inherited: URL properties, user-defined Rules, mobile security properties, and User Enforcement settings.
  7. In the
    Alert Identifier
    field:
    • For the FPS Alerts Dashboard in the BIG-IQ, type the customer ID that was defined in the dashboard.
    • For the cloud dashboard, type the Alert Identifier provided to you by the SOC.
  8. From the
    Alert Pool
    list, select the alert pool that you previously created.
  9. If you already created a Log Publisher, select it from the
    Log Publisher
    list.
    If you did not create a Log Publisher (
    None
    is currently selected), create one as follows:
    1. Click the icon next to the
      Log Publisher
      list.
      A text box appears.
    2. Type a name for the
      Log Publisher
      in the text box.
  10. If your web application is case-sensitive to URLs, do the following:
    1. Click
      Advanced
      under the
      Log Publisher
      field.
      The Advanced settings appear.
    2. For the
      URLs are case sensitive
      setting, select the
      Enabled
      check box.
      • You should enable this setting only if your web application is case-sensitive to URLs.
      • This setting cannot be changed after the initial creation of an anti-fraud profile and does not affect URL parameters in the Anti-Fraud Profile.
      • This setting does not affect the mobile URLs or SPA views, where URLs are always case-sensitive.
  11. Click
    Create
    .
    The anti-fraud profile has been created.
After creating your anti-fraud profile, you should define the URLs that you want to include in your anti-fraud profile.