Manual Chapter : Overview: Creating HTTP Request Signatures

Applies To:

Show Versions

BIG-IP FPS

17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0

Overview: Creating HTTP Request Signatures

Due to the dynamic and rapidly changing nature of malware and other types of anti-fraud attacks, users may want to set their own criteria for detecting anti-fraud attacks in addition to the detection services provided by FPS. The Request Signatures user interface allows you to do this, by setting your own criteria for what is considered suspicious data in HTTP requests. If the BIG-IP system detects this data in HTTP requests, an alert is sent to the FPS alert dashboard. Specifically, you can define suspicious data in the following parts of the HTTP request: header field, payload, query string, Client IP address, and path .

HTTP request signatures are defined per URL in the anti-fraud profile.

Creating HTTP Request Signatures

Creating an HTTP Request Signature based on a suspicious value in the HTTP header field

Creating an HTTP Request Signature based on a suspicious value in the payload of the HTTP request

Creating an HTTP Request Signature based on a suspicious value in the query string of the HTTP request

Creating an HTTP Request Signature based on a suspicious IP address

Creating an HTTP Request Signature based on a URL path