Manual Chapter :
Configuring advanced general settings on a
profile
Applies To:
Show VersionsBIG-IP FPS
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Configuring advanced general settings on a
profile
Configure advanced general settings
on
anti-fraud
profiles if you want to change the default
settings that the BIG-IP system assigns to profiles.- On the Main tab, click.The Anti-Fraud Profiles screen opens.
- From the list of profiles, select the relevant profile.The Anti-Fraud Profile Properties screen opens.
- In the General Settings area of the Anti-Fraud Profile Properties screen, clickAdvanced.The Advanced settings appear.
- In theAlert Pathfield, use the automatically generated path, or define your own path.If you define your own path, ensure that the path is not used by any other field in the profile and that it is not an already existing URL.
- In theAlert Token Headerfield, use the default header or type a header that will be added to alerts that are generated on the client-side by JavaScript.This header secures communication between the client's browser and the BIG-IP system.
- In theSuggested Username Headerfield, use the default header or type a header that will be added to AJAX requests when the BIG-IP system detects an AJAX login attempt, which is common for Single Page Applications.With this header, the BIG-IP system can detect the username that was used for the login. The client sends this header only for URLs in the profile that have a parameter set as Identify as Username.
- For theJavaScript Directoryfield, use the automatically generated path, or define your own.This path specifies the location of the mainFPSJavaScript. This path does not include the actual file name of the JavaScript.This path should be changed only if your application is already using a directory with the same path as the automatically assigned default path.
- For theJavaScript Configuration Directoryfield, use the automatically generated path, or define your own path that specifies the location of theFPSJavaScript containing profile configuration settings.This path specifies the location of the configuration JavaScript. This path does not include the actual file name of the JavaScript.This path should be changed only if your application is already using a directory with the same path as the automatically assigned default path.
- For theJavaScript Removal Locationfield, use the automatically generated path, or define your own path that specifies the location of the image file name that the system uses for detecting a JavaScript removal attack.
- ForThreat Analytics Path, use the default path or define your own path for sending data to the Threat Analytics Platform (if enabled).
- ForJavaScript Grace Threshold, change the default value if you want to raise or lower the maximum amount of time (in seconds) permitted between when a protected web page is loaded and its injected JavaScript activates.
- For theCollect Geolocation Coordinatessetting, select theEnabledcheck box if you want the client to ask the end-user to grant permission to add geolocation coordinates to alerts.
- For theCollect Fingerprint Datasetting, select theEnabledcheck box if you want the system to create a numerical fingerprint for identifying the client's computing device.This fingerprint is included in alerts sent to the FPS Dashboard.
- For theFingerprint URL Locationfield, use the automatically generated path, or define your own path that specifies the location of the FPS JavaScript that calculates the fingerprint of the client's computing device.This path should be changed only if your application is already using a directory with the same path as the automatically assigned default path.
- Leave theAdditional function to be run before JavaScript loadfield blank unless instructed otherwise by F5.
- If your profile includes one or more URLs that contain SPA views, forReferrer Info Headeruse the default header value or assign your own header value that the BIG-IP system uses to identify SPA views.
- For thePrevent duplicate alerts from Client Sidesetting, select theEnabledcheck box to prevent the client from sending an alert with information that is identical to an alert previously sent by the client during the past 24 hours.
- At theIgnore Predefined Alertsfield, add the names of pre-defined alert definitions received from the F5 Update server that you want the system to ignore.
- ForMaximum Length of HTML Attached to Test Alert, use the default length or type a number for the maximum length (in bytes) for the test alert.
- ClickSave.The BIG-IP system saves the changes that you made to the advanced settings.