Manual Chapter :
Configuring
advanced encryption on a URL or view
Applies To:
Show VersionsBIG-IP FPS
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Configuring
advanced encryption on a URL or view
Before configuring advanced encryption on a URL or view,
Application Layer Encryption
must be
enabled on the URL or view.Configure advanced encryption on a URL or view if
you want to apply
FPS
advanced encryption methods
on your web page.- On the Main tab, click.The Anti-Fraud Profiles screen opens.
- From the list of profiles, select the relevant profile.The Anti-Fraud Profile Properties screen opens.
- In the Anti-Fraud Configuration area, clickURL List.The URL List opens.
- Select the URL or view on which you want to apply advanced encryption methods.The URL Properties (or View Properties) screen appears.
- In the URL Configuration (or View Configuration) area, selectApplication Layer Encryption.The Application Layer Encryption settings are displayed.
- Select theEnabledcheck box for theIdentify Stolen Credentialssetting.When this setting is enabled, the system examines whether the user is trying to use a password that was stolen from a parameter whereSubstitute Valueis enabled.
- Select theEnabledcheck box for theKeylogger Protectionsetting.When this setting is enabled, the system protects against in-browser key loggers.
- If you do not want to use the defaultFPSJavaScript function for assigning substitute values for HTML password input fields and prefer to use your own JavaScript function, clickCustomizeand in theJavaScript Function for Substitute Valuesfield, type your JavaScript function.The JavaScript function you type here must return substitute values for all passwords input field parameters whereSubstitute Valueis enabled on the parameter. If you leave this field blank, the defaultFPSJavaScript function is used.
- ClickAdvancedand select theEnabledcheck box for theReal-Time Encryptionsetting.Real-Time Encryption encrypts input field parameters as the user types them.
- TheReal-Time Encryptionsetting does not appear if you don't have at least one parameter with theEncryptattribute.
- Real-Time Encryption cannot be enabled if you are also using a custom encryption function on the URL or view.
- Select theEnabledcheck box for theHide Password Revealer Iconsetting.When this setting is enabled, the system hides the password revealer icon on a web page, for browsers that use a password revealer icon (for example, Internet Explorer versions 10 and later).If you are usingJavaScript Function for Substitute ValuesorCustom Encryption Function, you must enableHide Password Revealer Icon. Otherwise, the user will see the actual substitute value if the user clicks the Password Revealer icon in the browser.
- Select theEnabledcheck box for thePrevent Password Auto-Completesetting.When this setting is enabled, the system prevents the web browser's auto-complete functionality when an end-user enters data in the web browser.
- WhenPrevent Password Auto-Completeis enabled,Password Validation Functionsappears. In thePassword Validation Functionstext box, add global functions that need to read the value of password parameters withSubstitute Valueenabled.
- ClickSavein the URL/View Properties screen.The configuration settings for the URL or view are saved.