Manual Chapter : Automatically blocking a user from a web site

Applies To:

Show Versions Show Versions
Manual Chapter

Automatically blocking a user from a web site

Automatically block a user from entering a web site if there are certain alert types for which the certainty of a fraud attack is very clear and automatic blocking is appropriate.
  1. On the Main tab, click
    Fraud Protection Service
    Anti-Fraud Profiles
    The Anti-Fraud Profiles screen opens.
  2. From the list of profiles, select the relevant profile.
    The Anti-Fraud Profile Properties screen opens.
  3. In the Anti-Fraud Configuration area, click
    A list of alert types appears.
  4. In the list of alert types, click the alert type for which you want to define a system response.
    The alert type appears in the Rules area.
  5. In the Rules area, select the
    check box next to the alert type.
  6. If the alert type you selected is generated on the client-side by JavaScript, in the
    Minimum score to perform action
    field type a score between
    Minimum score to perform action
    field only appears for alert types that are generated on the client-side by JavaScript.
  7. From the
    list, select
    Block User
    Enforcement Policy
    fields appear.
  8. In the
    Enforcement Policy
    field, select either
    Limited Time
    Unlimited Time
  9. If you selected
    Limited Time
    in the previous step, in the
    field, type a time limit (in minutes).
  10. Click
    The rule is now active.
The next time the BIG-IP system sends an alert of the type selected at step 4 and the user successfully logs in to a protected page in this profile, the user is added to the Block User list in the User Enforcement area of the Anti-Fraud Profile Properties screen. And starting from the next successful login the user is blocked from the web site.
If the user is already in the list of blocked users in the
User Enforcement
list, the user is not added a second time.