F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Center
  3. F5 Fraud Protection Service: BIG-IP Configuration
  4. Detecting Phishing Attacks
  5. Overview: Detecting Phishing Attacks
  6. Configuring phishing detection on an anti-fraud profile
  7. Configuring a CSS injection
Manual Chapter : Configuring a CSS injection

Applies To:

Show Versions Show Versions

BIG-IP FPS

  • 17.1.0, 17.0.0, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Manual Chapter

Configuring a CSS injection

CSS injection can only be performed in web pages in the anti-fraud profile where
JavaScript removal detection
 has been enabled on the URL of the web page.
Configure a CSS injection on an anti-fraud profile to improve phishing detection by embedding a CSS file on one or more web pages in the anti-fraud profile.
  1. On the Main tab, click
    Security
    Fraud Protection Service
    Anti-Fraud Profiles
    .
    The Anti-Fraud Profiles screen opens.
  2. From the list of profiles, select the profile on which you want to configure the CSS injection.
    The Anti-Fraud Profile Properties screen opens.
  3. In the Anti-Fraud Configuration area, select
    Advanced
     and then
    Phishing Detection
    .
    The Phishing Detection screen opens.
  4. Select the
    Enabled
     check box for the
    Inject into Application CSS
     setting if you want the system to inject phishing detection CSS code into the real CSS file(s) specified in the anti-fraud profile.
    If
    Inject into Application CSS
     is enabled, the
    Application CSS Locations
     field is displayed.
    1. In the
      Application CSS Locations
       field, add the location(s) of the CSS file(s) in the web pages specified in the anti-fraud profile.
  5. If you did not enable
    Inject into Application CSS
    , in the
    CSS Location
     field use the default file name and path (or specify a JavaScript removal protection file name and its path within the web application directory if instructed to do so by F5 support).
    • This setting should not be changed without first consulting F5 support.
    • This setting does not appear if you enabled
      Inject into Application CSS
      .
  6. In the
    CSS Attribute Name
     field, type an attribute name or use the default name.
  7. In the Anti-Fraud Configuration area, click
    URL List
    .
    The URL List opens.
  8. For every URL in your profile with Phishing Detection enabled, perform the following steps:
    1. Click on the URL name in the URL List.
      The URL Properties screen opens.
    2. In the URL Configuration area, select
      Phishing Detection
      .
    3. Click
      Advanced
      .
    4. In the
      Location of CSS Link Injection
       field, select whether you want the CSS Link tag to be injected before or after the tag that you specify in the
      Tag
       field.
    5. In the
      Location of CSS Element Injection
       field, select whether you want the CSS element, which triggers the CSS link, to be injected before or after the tag that you specify in the
      Tag
       field.
  9. Click
    Save
     in the URL Properties screen.
    The Anti-Fraud Profile Properties screen opens.
  10. Click
    Save
     in the Anti-Fraud Profile Properties screen.
    The anti-fraud profile is updated with the changes you made.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information