Manual Chapter :
Automatically
blocking a user from a web site
Applies To:
Show Versions
BIG-IP FPS
- 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Automatically
blocking a user from a web site
Automatically block a user from entering a web
site if there are certain alert types for which the certainty of a fraud attack is very
clear and automatic blocking is appropriate.
- On the Main tab, click .The Anti-Fraud Profiles screen opens.
- From the list of profiles, select the relevant profile.The Anti-Fraud Profile Properties screen opens.
- In the Anti-Fraud Configuration area, clickRules.A list of alert types appears.
- In the list of alert types, click the alert type for which you want to define a system response.The alert type appears in the Rules area.
- In the Rules area, select theEnabledcheck box next to the alert type.
- If the alert type you selected is generated on the client-side by JavaScript, in theMinimum score to perform actionfield type a score between0-100.TheMinimum score to perform actionfield only appears for alert types that are generated on the client-side by JavaScript.
- From theActionlist, selectBlock User.TheEnforcement PolicyandDurationfields appear.
- In theEnforcement Policyfield, select eitherLimited TimeorUnlimited Time.
- If you selectedLimited Timein the previous step, in theDurationfield, type a time limit (in minutes).
- ClickSave.The rule is now active.
The next time the BIG-IP system sends an alert
of the type selected at step 4 and the user successfully logs in to a protected page in
this profile, the user is added to the Block User list in the User Enforcement area of
the Anti-Fraud Profile Properties screen. And starting from the next successful login
the user is blocked from the web site.
If the user is already
in the list of blocked users in the
User Enforcement
list, the user is not added a second
time.
