Manual Chapter : Configuring advanced malware detection on an anti-fraud profile

Applies To:

Show Versions Show Versions

BIG-IP FPS

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Manual Chapter

Configuring advanced malware detection on an anti-fraud profile

Configure advanced malware detection on an anti-fraud profile if you want to customize the advanced malware detection provided by the BIG-IP system.
  1. On the Main tab, click
    Security
    Fraud Protection Service
    Anti-Fraud Profiles
    .
    The Anti-Fraud Profiles screen opens.
  2. From the list of profiles, select the relevant profile.
    The Anti-Fraud Profile Properties screen opens.
  3. In the Anti-Fraud Configuration area, click
    Malware Detection
    General Settings
    .
  4. Click
    Advanced
    in the Malware Detection area of the screen.
  5. In the
    Bait Location
    field, use the default location and file name or assign a location and file name for a file that acts as bait for attackers.
  6. Select the check box for
    Use Predefined Baits
    if you want the system to use pre-defined baits received from the F5 update server and check them to determine if they have been infected with malware.
  7. In the
    HTML Source Integrity Location
    field, use the default location or assign a location to where the system sends HTML source integrity data.
  8. In the
    Static Script Removal Detection Header
    field, use the default header or type a header that will be used by the FPS Static Script Removal Detection feature.
  9. In the
    Same-Domain Scripts Validation Header
    field, use the default header or type a header that will be added to requests from the client to the BIG-IP system so that the BIG-IP system can identify requests from the FPS JavaScript on the client.
  10. In the
    External URL Injection Detection for these HTML element types and attributes
    field, add HTML element types and their attributes that you want to be checked for external JavaScript injections.
  11. In the
    Allow Inline scripts that include one of these strings
    field, add strings that will not be considered suspicious if found in an inline script.
  12. Click
    Save
    .
    The anti-fraud profile is updated with the changes you made.