Manual Chapter : Configuring advanced encryption on a URL or view

Applies To:

Show Versions Show Versions

BIG-IP FPS

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Manual Chapter

Configuring advanced encryption on a URL or view

Before configuring advanced encryption on a URL or view,
Application Layer Encryption
must be enabled on the URL or view.
Configure advanced encryption on a URL or view if you want to apply
FPS
advanced encryption methods on your web page.
  1. On the Main tab, click
    Security
    Fraud Protection Service
    Anti-Fraud Profiles
    .
    The Anti-Fraud Profiles screen opens.
  2. From the list of profiles, select the relevant profile.
    The Anti-Fraud Profile Properties screen opens.
  3. In the Anti-Fraud Configuration area, click
    URL List
    .
    The URL List opens.
  4. Select the URL or view on which you want to apply advanced encryption methods.
    The URL Properties (or View Properties) screen appears.
  5. In the URL Configuration (or View Configuration) area, select
    Application Layer Encryption
    .
    The Application Layer Encryption settings are displayed.
  6. Select the
    Enabled
    check box for the
    Identify Stolen Credentials
    setting.
    When this setting is enabled, the system examines whether the user is trying to use a password that was stolen from a parameter where
    Substitute Value
    is enabled.
  7. Select the
    Enabled
    check box for the
    Keylogger Protection
    setting.
    When this setting is enabled, the system protects against in-browser key loggers.
  8. If you do not want to use the default
    FPS
    JavaScript function for assigning substitute values for HTML password input fields and prefer to use your own JavaScript function, click
    Customize
    and in the
    JavaScript Function for Substitute Values
    field, type your JavaScript function.
    The JavaScript function you type here must return substitute values for all passwords input field parameters where
    Substitute Value
    is enabled on the parameter. If you leave this field blank, the default
    FPS
    JavaScript function is used.
  9. Click
    Advanced
    and select the
    Enabled
    check box for the
    Real-Time Encryption
    setting.
    Real-Time Encryption encrypts input field parameters as the user types them.
    • The
      Real-Time Encryption
      setting does not appear if you don't have at least one parameter with the
      Encrypt
      attribute.
    • Real-Time Encryption cannot be enabled if you are also using a custom encryption function on the URL or view.
  10. Select the
    Enabled
    check box for the
    Hide Password Revealer Icon
    setting.
    When this setting is enabled, the system hides the password revealer icon on a web page, for browsers that use a password revealer icon (for example, Internet Explorer versions 10 and later).
    If you are using
    JavaScript Function for Substitute Values
    or
    Custom Encryption Function
    , you must enable
    Hide Password Revealer Icon
    . Otherwise, the user will see the actual substitute value if the user clicks the Password Revealer icon in the browser.
  11. Select the
    Enabled
    check box for the
    Prevent Password Auto-Complete
    setting.
    When this setting is enabled, the system prevents the web browser's auto-complete functionality when an end-user enters data in the web browser.
    • When
      Prevent Password Auto-Complete
      is enabled,
      Password Validation Functions
      appears. In the
      Password Validation Functions
      text box, add global functions that need to read the value of password parameters with
      Substitute Value
      enabled.
  12. Click
    Save
    in the URL/View Properties screen.
    The configuration settings for the URL or view are saved.