F5 Logo MyF5
Search
  1. MyF5 Home
  2. F5 Fraud Protection Service: BIG-IP Configuration
  3. Configuring a Mobile Security Anti-Fraud Profile
  4. Overview: Configuring a mobile security anti-fraud profile
  5. Creating URLs on a mobile security profile
Manual Chapter : Creating URLs on a mobile security profile

Applies To:

Show Versions Show Versions

BIG-IP FPS

  • 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Manual Chapter

Creating URLs on a mobile security profile

Before creating a URL for mobile security alerts, you should create a mobile security anti-fraud profile.
Create URLs on a mobile security profile to ensure proper protection of your mobile app.
  1. On the Main tab, click
    Security
    Fraud Protection Service
    Anti-Fraud Profiles
    .
    The Anti-Fraud Profiles screen opens.
  2. From the list of profiles, select the mobile security profile that you created.
    The Anti-Fraud Profile Properties screen opens.
  3. In the Anti-Fraud Configuration area, click
    URL List
    .
  4. Click the
    Add URL
     button.
    The Create New URL screen opens.
  5. In the
    URL Path
     field, type the URL path in the text box.
  6. For Application Type, select
    Mobile
    .
  7. Ensure that
    Mobile Encryption Parameter
     is enabled.
  8. If you want the BIG-IP system to enforce application level encryption on a parameter in every request to the URL, do the following:
    1. In the URL Configuration area, select
      Parameters
      .
    2. Click the
      Add
       button.
      The Parameter Settings screen opens.
    3. In the
      Parameter Name
       field, type a name for the parameter.
    4. In the Mobile Security section, select the
      Enforce
       check box.
    5. Click
      Create
      .
      The parameter settings are saved and the URL Properties screen opens.
    When a parameter is marked with the
    Enforce
     attribute, if the BIG-IP system detects that the parameter is not encrypted it sends an alert and replaces the value of that parameter with a configurable value that the server will reject (for instructions on how to configure this value, see the section on setting a replacement value for a URL parameter that is not encrypted). For example, the
    Enforce
     attribute can be applied to a password parameter, and if the BIG-IP system detects that password value is not encrypted, it will be replaced with an empty string that the server rejects and thus prevents a successful login.
    You cannot mark a parameter with the
    Enforce
     attribute if
    Mobile Encryption Parameter
     is disabled on this URL.
  9. If the URL has a user name parameter, do the following:
    1. In the URL Configuration area, select
      Parameters
      .
    2. Click the
      Add
       button.
      The Parameter Settings screen opens.
    3. In the
      Parameter Name
       field, type a name for the parameter.
    4. Select
      Identify as Username
      .
      Only one parameter per URL can have the attribute
      Identify as Username
      .
    5. Click
      Create
      .
      The parameter settings are saved and the URL Properties screen opens.
  10. Click
    Save
     in the URL Properties screen.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information