Manual Chapter : Automatically blocking a user from a web site

Applies To:

Show Versions Show Versions
Manual Chapter

Automatically blocking a user from a web site

Automatically block a user from entering a web site if there are certain alert types for which the certainty of a fraud attack is very clear and automatic blocking is appropriate.
  1. On the Main tab, click
    Security
    Fraud Protection Service
    Anti-Fraud Profiles
    .
    The Anti-Fraud Profiles screen opens.
  2. From the list of profiles, select the relevant profile.
    The Anti-Fraud Profile Properties screen opens.
  3. In the Anti-Fraud Configuration area, click
    Rules
    .
    A list of alert types appears.
  4. In the list of alert types, click the alert type for which you want to define a system response.
    The alert type appears in the Rules area.
  5. In the Rules area, select the
    Enabled
    check box next to the alert type.
  6. If the alert type you selected is generated on the client-side by JavaScript, in the
    Minimum score to perform action
    field type a score between
    0-100
    .
    The
    Minimum score to perform action
    field only appears for alert types that are generated on the client-side by JavaScript.
  7. From the
    Action
    list, select
    Block User
    .
    The
    Enforcement Policy
    and
    Duration
    fields appear.
  8. In the
    Enforcement Policy
    field, select either
    Limited Time
    or
    Unlimited Time
    .
  9. If you selected
    Limited Time
    in the previous step, in the
    Duration
    field, type a time limit (in minutes).
  10. Click
    Save
    .
    The rule is now active.
The next time the BIG-IP system sends an alert of the type selected at step 4 and the user successfully logs in to a protected page in this profile, the user is added to the Block User list in the User Enforcement area of the Anti-Fraud Profile Properties screen. And starting from the next successful login the user is blocked from the web site.
If the user is already in the list of blocked users in the
User Enforcement
list, the user is not added a second time.