APIRef_tm_security_anti-fraud_profile¶
mgmt/tm/security/anti-fraud/profile
Virtual server Anti-fraud profile configuration
REST Endpoints
- Collection URI
/mgmt/tm/security/anti-fraud/profile- Collection Methods
OPTIONS, GET- Resource URI
/mgmt/tm/security/anti-fraud/profile/~resource id- Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST- Resource Natural Key
name, partition, subPath
Properties
| Name | Type | Default Value | Required | Access | Description |
|---|---|---|---|---|---|
alertClientSideCaching |
string | enabled | optional | read/write | Specifies, when enabled, that the system prevents duplicate alerts from the client side. |
alertIdentifier |
string | optional | read/write | Specifies the ID of the customer in the dashboard. | |
alertPath |
string | /rstats/ | optional | read/write | Specifies the BIG-IP URL path where the alert is sent. |
alertPool |
string | optional | read/write | Specifies the name of the pool used when the system sends alerts. | |
alertPublisher |
string | optional | read/write | Specifies the name of the log publisher used for sending alerts originating from the BIG-IP. | |
alertTokenHeader |
string | Alert-Token | optional | read/write | Specifies the name of the custom HTTP header in alerts for exchanging a random token between the client side and the BIG-IP. |
appService |
string | optional | read/write | The application service that the object belongs to. | |
beforeLoadFunction |
string | optional | read/write | Specifies the implementation of additional function to be run before JavaScript load. | |
caseInsensitive |
boolean | false | optional | read/write | Specifies that the profile treats protected URL paths as case insensitive. This is the default. |
caseSensitive |
boolean | false | optional | read/write | Specifies that the profile treats protected URL paths as case sensitive. |
checkPathInfo |
string | disabled | optional | read/write | |
cloudServicePool |
string | optional | read/write | Specifies the name of the pool used by the system for various internal purposes, like signing Forensics tool. | |
configLocation |
string | /UGZKSAIVUD/ | optional | read/write | Specifies the BIG-IP URL directory where the configuration for the injected JavaScript is located. |
defaultsFrom |
string | optional | read/write | Specifies the profile that you want to use as the parent profile. Your new profile inherits all settings and values from the parent profile specified. | |
description |
string | optional | read/write | User defined description. | |
encryptionStagingMode |
string | disabled | optional | read/write | Specifies, when enabled, that the system activates Anti-fraud encryption staging mode. If decrypted data differs from original data, an alert will be sent and original data will be used. |
guiTypeBitmask |
integer | 30 | optional | read/write | |
inspectedUsers |
string | optional | read/write | ||
javascriptLocation |
string | /NJIUYTGHN/ | optional | read/write | Specifies the BIG-IP URL directory where the injected JavaScript is located. |
tmPartition |
string | Common | optional | read/write | Displays the administrative partition within which this profile resides. |
riskEnginePublisher |
string | optional | read/write | Specifies the name of the log publisher used for reports to a Risk engine. | |
suggestedUsernameHeader |
string | Ajax-Username | optional | read/write | Specifies the name of the custom HTTP header in AJAX requests added by JavaScript with a username value identified on the client side. |
triggerIrule |
string | disabled | optional | read/write | Specifies, when enabled, that the system activates Anti-fraud iRule events. |
whitelistCustomAlerts |
string | optional | read/write | Configures a list of predefined alerts that are ignored. |
Subcollections
| Name | Type | Default Value | Required | Access | Description |
|---|---|---|---|---|---|
users |
array_structure | optional | read/write |
Structures
| Name | Type | Default Value | Required | Access | Description |
|---|---|---|---|---|---|
/auto-transactions |
array_structure | optional | read/write | ||
/auto-transactions/bot-score |
integer | 50 | optional | read/write | Deprecated since v13.0.0. Please use bot-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the system determines that the client is a bot and not a human. |
/auto-transactions/click-score |
integer | 40 | optional | read/write | Deprecated since v13.0.0. Please use click-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the min-mouse-over-count and min-mouse-move-count conditions are not met. |
/auto-transactions/integrity-fail-score |
integer | 50 | optional | read/write | Deprecated since v13.0.0. Please use integrity-fail-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the system detects a difference between the actual parameter value and the expected value of a protected parameter sent after a user clicks a web form’s Submit button. |
/auto-transactions/min-mouse-move-count |
integer | 5 | optional | read/write | Deprecated since v13.0.0. Please use min-mouse-move-count in auto-transactions under urls instead. Specifies the minimum number of mouse movements necessary per page load in order for the system to consider the transaction to be of human origin. |
/auto-transactions/min-mouse-over-count |
integer | 2 | optional | read/write | Deprecated since v13.0.0. Please use min-mouse-over-count in auto-transactions under urls instead. Specifies the minimum number of times the client’s mouse is positioned over the Submit button in a web form in order for the system to consider the transaction to be of human origin. |
/auto-transactions/min-report-score |
integer | 50 | optional | read/write | Deprecated since v13.0.0. Please use min-report-score in auto-transactions under urls instead. Specifies the lowest score necessary for the system to send an alert. |
/auto-transactions/min-time-to-request |
integer | 2 | optional | read/write | Deprecated since v13.0.0. Please use min-time-to-request in auto-transactions under urls instead. Specifies the minimum amount of time (in seconds) permitted between when a web form is opened and the Submit button is clicked. |
/auto-transactions/not-human-score |
integer | 25 | optional | read/write | Deprecated since v13.0.0. Please use not-human-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the system only suspects that the client is a bot and not a human. |
/auto-transactions/score-tampered-cookie |
integer | 50 | optional | read/write | |
/auto-transactions/tampered-cookie-score |
integer | 50 | optional | read/write | Deprecated since v13.0.0. Please use tampered-cookie-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the system detects that the transaction-data cookie was tampered with. |
/auto-transactions/time-fail-score |
integer | 20 | optional | read/write | Deprecated since v13.0.0. Please use time-fail-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the min-time-to-request condition is not met. |
/auto-transactions/strong-integrity |
array_structure | optional | read/write | ||
/auto-transactions/strong-integrity/hide-encrypted-parameters |
string | disabled | optional | read/write | Specifies, when enabled, that JavaScript does not add the expected value of encrypted parameters to strong integrity parameter. |
/auto-transactions/strong-integrity/parameter |
string | strongintegrity | optional | read/write | Specifies the name of the HTTP parameter in POST requests added by JavaScript with the expected user-input data verified with physical input events. |
/auto-transactions/strong-integrity/hide-encrypted-parameters |
string | disabled | optional | read/write | Specifies, when enabled, that JavaScript does not add the expected value of encrypted parameters to strong integrity parameter. |
/auto-transactions/strong-integrity/parameter |
string | strongintegrity | optional | read/write | Specifies the name of the HTTP parameter in POST requests added by JavaScript with the expected user-input data verified with physical input events. |
/auto-transactions/bot-score |
integer | 50 | optional | read/write | Deprecated since v13.0.0. Please use bot-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the system determines that the client is a bot and not a human. |
/auto-transactions/click-score |
integer | 40 | optional | read/write | Deprecated since v13.0.0. Please use click-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the min-mouse-over-count and min-mouse-move-count conditions are not met. |
/auto-transactions/integrity-fail-score |
integer | 50 | optional | read/write | Deprecated since v13.0.0. Please use integrity-fail-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the system detects a difference between the actual parameter value and the expected value of a protected parameter sent after a user clicks a web form’s Submit button. |
/auto-transactions/min-mouse-move-count |
integer | 5 | optional | read/write | Deprecated since v13.0.0. Please use min-mouse-move-count in auto-transactions under urls instead. Specifies the minimum number of mouse movements necessary per page load in order for the system to consider the transaction to be of human origin. |
/auto-transactions/min-mouse-over-count |
integer | 2 | optional | read/write | Deprecated since v13.0.0. Please use min-mouse-over-count in auto-transactions under urls instead. Specifies the minimum number of times the client’s mouse is positioned over the Submit button in a web form in order for the system to consider the transaction to be of human origin. |
/auto-transactions/min-report-score |
integer | 50 | optional | read/write | Deprecated since v13.0.0. Please use min-report-score in auto-transactions under urls instead. Specifies the lowest score necessary for the system to send an alert. |
/auto-transactions/min-time-to-request |
integer | 2 | optional | read/write | Deprecated since v13.0.0. Please use min-time-to-request in auto-transactions under urls instead. Specifies the minimum amount of time (in seconds) permitted between when a web form is opened and the Submit button is clicked. |
/auto-transactions/not-human-score |
integer | 25 | optional | read/write | Deprecated since v13.0.0. Please use not-human-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the system only suspects that the client is a bot and not a human. |
/auto-transactions/score-tampered-cookie |
integer | 50 | optional | read/write | |
/auto-transactions/tampered-cookie-score |
integer | 50 | optional | read/write | Deprecated since v13.0.0. Please use tampered-cookie-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the system detects that the transaction-data cookie was tampered with. |
/auto-transactions/time-fail-score |
integer | 20 | optional | read/write | Deprecated since v13.0.0. Please use time-fail-score in auto-transactions under urls instead. Specifies the score added to an alert that is triggered if the min-time-to-request condition is not met. |
/blocking-page |
array_structure | optional | read/write | ||
/blocking-page/response-body |
string | optional | read/write | Specifies the HTML code the system sends to the user whose account is blocked. | |
/blocking-page/response-headers |
string | optional | read/write | Specifies the response headers that the system sends to the user whose account is blocked. | |
/blocking-page/response-body |
string | optional | read/write | Specifies the HTML code the system sends to the user whose account is blocked. | |
/blocking-page/response-headers |
string | optional | read/write | Specifies the response headers that the system sends to the user whose account is blocked. | |
/cookies |
array_structure | optional | read/write | ||
/cookies/application |
string | optional | read/write | Configures a list of application cookies that will be removed if at least one of the protected cookies is missing. | |
/cookies/client-side |
string | jtyrewtazq | optional | read/write | Specifies the name of the cookie in which the system inserts plain text with a record about client side alerts already sent. |
/cookies/client-side-lifetime |
string | 43200 | optional | read/write | Specifies whether the client-side state cookie is persistent, and if so, after how many minutes it expires. |
/cookies/components-state |
string | blsoap | optional | read/write | Specifies the name of the cookie that verifies that the system’s expected JavaScript can run successfully, and whether the system successfully decrypted configuration data arriving from server. |
/cookies/components-state-lifetime |
string | 0 | optional | read/write | Specifies whether the components-state cookie is persistent, and if so, after how many minutes it expires. |
/cookies/components-state-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the components-state cookie from removal. |
/cookies/encryption-disabled |
string | RBSENB | optional | read/write | Specifies the name of the cookie that the system adds if the system fails to decrypt a password (to restore the original password as the user typed it), and the system forwards a request to the server and waits for a login failure response. |
/cookies/encryption-disabled-lifetime |
string | 0 | optional | read/write | Specifies whether the encryption-disabled cookie is persistent, and if so, after how many minutes it expires. |
/cookies/encryption-disabled-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the encryption-disabled cookie from removal. |
/cookies/fingerprint |
string | xnnOiqv | optional | read/write | Specifies the name of the cookie that contains fingerprint data. |
/cookies/fingerprint-lifetime |
string | 1440 | optional | read/write | Specifies whether the fingerprint cookie is persistent, and if so, after how many minutes it expires. |
/cookies/fingerprint-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the fingerprint cookie from removal. |
/cookies/html-field-obfuscation |
string | kuwalla | optional | read/write | Specifies the name of the cookie that the system sets to identify the fields that were created by HTML field obfuscation, in order to remove them from the request before sending it back to the web application, and to know which field names to decrypt. |
/cookies/html-field-obfuscation-lifetime |
string | 1440 | optional | read/write | Specifies whether the html-field-obfuscation cookie is persistent, and if so, after how many minutes it expires. |
/cookies/malware-cache |
string | jtyrewtazq | optional | read/write | |
/cookies/malware-cache-lifetime |
string | 43200 | optional | read/write | |
/cookies/malware-counter |
string | ctr | optional | read/write | |
/cookies/malware-counter-lifetime |
string | 43200 | optional | read/write | |
/cookies/malware-forensic |
string | FuicaIWr | optional | read/write | Specifies the name of the cookie that stores the essential response header values from the web application to be sent to the user after he finishes or skips downloading and running Forensics tool on his host. |
/cookies/malware-forensic-lifetime |
string | 1440 | optional | read/write | Specifies whether the malware-forensic cookie is persistent, and if so, after how many minutes it expires. |
/cookies/malware-guid |
string | kubdum | optional | read/write | Specifies the name of the cookie set by JavaScript to a random string. |
/cookies/malware-guid-lifetime |
string | 1440 | optional | read/write | Specifies whether the malware-guid cookie is persistent, and if so, after how many minutes it expires. |
/cookies/malware-guid-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the malware-guid cookie from removal. |
/cookies/phishing-cache |
string | imgtype | optional | read/write | |
/cookies/phishing-cache-lifetime |
string | 43200 | optional | read/write | |
/cookies/rules |
string | BrrbosUP | optional | read/write | Specifies the name of the cookie that the system sets in order to perform the actions route and/or redirect. |
/cookies/rules-lifetime |
string | 1440 | optional | read/write | Specifies whether the rules cookie is persistent, and if so, after how many minutes it expires. |
/cookies/rules-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the rules cookie from removal. |
/cookies/secure-alert |
string | sEcuaL | optional | read/write | Specifies the name of the cookie that secures arrival of alerts originating from JavaScript to the dashboard. |
/cookies/secure-alert-lifetime |
string | 0 | optional | read/write | Specifies whether the secure-alert cookie is persistent, and if so, after how many minutes it expires. |
/cookies/secure-alert-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the secure-alert cookie from removal. |
/cookies/secure-channel |
string | INHEJ | optional | read/write | Specifies the name of the cookie that the system sets when the system provides JavaScript with a public key for encryption operations. |
/cookies/secure-channel-lifetime |
string | 1440 | optional | read/write | Specifies whether the secure-channel cookie is persistent, and if so, after how many minutes it expires. |
/cookies/secure-channel-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the secure-channel cookie from removal. |
/cookies/transaction-data |
string | PAGELINKS | optional | read/write | Specifies the name of the cookie that contains information (such as mouse movement, clicks, and events) in encrypted format and sends that information to the system. |
/cookies/transaction-data-lifetime |
string | 1440 | optional | read/write | Specifies whether the transaction-data cookie is persistent, and if so, after how many minutes it expires. |
/cookies/user-inspection |
string | G3CmE | optional | read/write | Specifies the name of cookie that is set once a user is identified in a web form submitted by the client and this user is enforced inspection mode. |
/cookies/user-name |
string | IkoYTT | optional | read/write | Specifies the name of the cookie with the username value after a username is identified in a request. |
/cookies/user-name-lifetime |
string | 1440 | optional | read/write | Specifies whether the user-name cookie is persistent, and if so, after how many minutes it expires. |
/cookies/user-name-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the user-name cookie from removal. |
/cookies/base-domain |
array_structure | optional | read/write | ||
/cookies/base-domain/apply |
string | disabled | optional | read/write | Specifies, when enabled, that the system applies the cookies to the base domain. |
/cookies/base-domain/exceptions |
string | optional | read/write | Configures a list of exceptional base domains that take precedence when the system resolves the base domain from a host header. | |
/cookies/base-domain/apply |
string | disabled | optional | read/write | Specifies, when enabled, that the system applies the cookies to the base domain. |
/cookies/base-domain/exceptions |
string | optional | read/write | Configures a list of exceptional base domains that take precedence when the system resolves the base domain from a host header. | |
/cookies/application |
string | optional | read/write | Configures a list of application cookies that will be removed if at least one of the protected cookies is missing. | |
/cookies/client-side |
string | jtyrewtazq | optional | read/write | Specifies the name of the cookie in which the system inserts plain text with a record about client side alerts already sent. |
/cookies/client-side-lifetime |
string | 43200 | optional | read/write | Specifies whether the client-side state cookie is persistent, and if so, after how many minutes it expires. |
/cookies/components-state |
string | blsoap | optional | read/write | Specifies the name of the cookie that verifies that the system’s expected JavaScript can run successfully, and whether the system successfully decrypted configuration data arriving from server. |
/cookies/components-state-lifetime |
string | 0 | optional | read/write | Specifies whether the components-state cookie is persistent, and if so, after how many minutes it expires. |
/cookies/components-state-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the components-state cookie from removal. |
/cookies/encryption-disabled |
string | RBSENB | optional | read/write | Specifies the name of the cookie that the system adds if the system fails to decrypt a password (to restore the original password as the user typed it), and the system forwards a request to the server and waits for a login failure response. |
/cookies/encryption-disabled-lifetime |
string | 0 | optional | read/write | Specifies whether the encryption-disabled cookie is persistent, and if so, after how many minutes it expires. |
/cookies/encryption-disabled-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the encryption-disabled cookie from removal. |
/cookies/fingerprint |
string | xnnOiqv | optional | read/write | Specifies the name of the cookie that contains fingerprint data. |
/cookies/fingerprint-lifetime |
string | 1440 | optional | read/write | Specifies whether the fingerprint cookie is persistent, and if so, after how many minutes it expires. |
/cookies/fingerprint-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the fingerprint cookie from removal. |
/cookies/html-field-obfuscation |
string | kuwalla | optional | read/write | Specifies the name of the cookie that the system sets to identify the fields that were created by HTML field obfuscation, in order to remove them from the request before sending it back to the web application, and to know which field names to decrypt. |
/cookies/html-field-obfuscation-lifetime |
string | 1440 | optional | read/write | Specifies whether the html-field-obfuscation cookie is persistent, and if so, after how many minutes it expires. |
/cookies/malware-cache |
string | jtyrewtazq | optional | read/write | |
/cookies/malware-cache-lifetime |
string | 43200 | optional | read/write | |
/cookies/malware-counter |
string | ctr | optional | read/write | |
/cookies/malware-counter-lifetime |
string | 43200 | optional | read/write | |
/cookies/malware-forensic |
string | FuicaIWr | optional | read/write | Specifies the name of the cookie that stores the essential response header values from the web application to be sent to the user after he finishes or skips downloading and running Forensics tool on his host. |
/cookies/malware-forensic-lifetime |
string | 1440 | optional | read/write | Specifies whether the malware-forensic cookie is persistent, and if so, after how many minutes it expires. |
/cookies/malware-guid |
string | kubdum | optional | read/write | Specifies the name of the cookie set by JavaScript to a random string. |
/cookies/malware-guid-lifetime |
string | 1440 | optional | read/write | Specifies whether the malware-guid cookie is persistent, and if so, after how many minutes it expires. |
/cookies/malware-guid-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the malware-guid cookie from removal. |
/cookies/phishing-cache |
string | imgtype | optional | read/write | |
/cookies/phishing-cache-lifetime |
string | 43200 | optional | read/write | |
/cookies/rules |
string | BrrbosUP | optional | read/write | Specifies the name of the cookie that the system sets in order to perform the actions route and/or redirect. |
/cookies/rules-lifetime |
string | 1440 | optional | read/write | Specifies whether the rules cookie is persistent, and if so, after how many minutes it expires. |
/cookies/rules-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the rules cookie from removal. |
/cookies/secure-alert |
string | sEcuaL | optional | read/write | Specifies the name of the cookie that secures arrival of alerts originating from JavaScript to the dashboard. |
/cookies/secure-alert-lifetime |
string | 0 | optional | read/write | Specifies whether the secure-alert cookie is persistent, and if so, after how many minutes it expires. |
/cookies/secure-alert-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the secure-alert cookie from removal. |
/cookies/secure-channel |
string | INHEJ | optional | read/write | Specifies the name of the cookie that the system sets when the system provides JavaScript with a public key for encryption operations. |
/cookies/secure-channel-lifetime |
string | 1440 | optional | read/write | Specifies whether the secure-channel cookie is persistent, and if so, after how many minutes it expires. |
/cookies/secure-channel-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the secure-channel cookie from removal. |
/cookies/transaction-data |
string | PAGELINKS | optional | read/write | Specifies the name of the cookie that contains information (such as mouse movement, clicks, and events) in encrypted format and sends that information to the system. |
/cookies/transaction-data-lifetime |
string | 1440 | optional | read/write | Specifies whether the transaction-data cookie is persistent, and if so, after how many minutes it expires. |
/cookies/user-inspection |
string | G3CmE | optional | read/write | Specifies the name of cookie that is set once a user is identified in a web form submitted by the client and this user is enforced inspection mode. |
/cookies/user-name |
string | IkoYTT | optional | read/write | Specifies the name of the cookie with the username value after a username is identified in a request. |
/cookies/user-name-lifetime |
string | 1440 | optional | read/write | Specifies whether the user-name cookie is persistent, and if so, after how many minutes it expires. |
/cookies/user-name-removal-protection |
string | enabled | optional | read/write | Enables or disables protection of the user-name cookie from removal. |
/debug |
array_structure | optional | read/write | ||
/debug/console-log |
array_structure | optional | read/write | ||
/debug/console-log/client-ips |
string | optional | read/write | Configures a list of client IP addresses for which the system adds prints to browser console. | |
/debug/console-log/fingerprints |
string | optional | read/write | Configures a list of strings contained in fingerprint data for which the system adds prints to browser console. | |
/debug/console-log/user-agents |
string | optional | read/write | Configures a list of strings contained in user-agent header for which the system adds prints to browser console. | |
/debug/console-log/client-ips |
string | optional | read/write | Configures a list of client IP addresses for which the system adds prints to browser console. | |
/debug/console-log/fingerprints |
string | optional | read/write | Configures a list of strings contained in fingerprint data for which the system adds prints to browser console. | |
/debug/console-log/user-agents |
string | optional | read/write | Configures a list of strings contained in user-agent header for which the system adds prints to browser console. | |
/debug/send-alert |
array_structure | optional | read/write | ||
/debug/send-alert/client-ips |
string | optional | read/write | Configures a list of client IP addresses for which the system sends debug alerts to the dashboard. | |
/debug/send-alert/fingerprints |
string | optional | read/write | Configures a list of strings contained in fingerprint data for which the system sends debug alerts to the dashboard. | |
/debug/send-alert/user-agents |
string | optional | read/write | Configures a list of strings contained in user-agent header for which the system sends debug alerts to the dashboard. | |
/debug/send-alert/client-ips |
string | optional | read/write | Configures a list of client IP addresses for which the system sends debug alerts to the dashboard. | |
/debug/send-alert/fingerprints |
string | optional | read/write | Configures a list of strings contained in fingerprint data for which the system sends debug alerts to the dashboard. | |
/debug/send-alert/user-agents |
string | optional | read/write | Configures a list of strings contained in user-agent header for which the system sends debug alerts to the dashboard. | |
/fingerprint |
array_structure | optional | read/write | ||
/fingerprint/collect |
string | enabled | optional | read/write | Specifies, when enabled, that the system collects fingerprint data. |
/fingerprint/location |
string | /files/fingerprint.js | optional | read/write | Specifies the BIG-IP URL location of the fingerprint JavaScript. |
/fingerprint/collect |
string | enabled | optional | read/write | Specifies, when enabled, that the system collects fingerprint data. |
/fingerprint/location |
string | /files/fingerprint.js | optional | read/write | Specifies the BIG-IP URL location of the fingerprint JavaScript. |
/forensic |
array_structure | optional | read/write | ||
/forensic/alert-path |
string | /nstats/ | optional | read/write | Specifies the BIG-IP URL path for alerts from Forensics tool. |
/forensic/client-domains |
string | optional | read/write | Configures a list of client domains to be resolved by Forensics tool. | |
/forensic/cloud-config-path |
string | /forensicscloud/ | optional | read/write | Specifies the BIG-IP URL path for requests from Forensics tool to cloud-service-pool. |
/forensic/cloud-forensics-mode |
integer | 0 | optional | read/write | Specifies the numeric value sent to cloud-service-pool to download Forensics tool. |
/forensic/cloud-remediation-mode |
integer | 1 | optional | read/write | Specifies the numeric value sent to cloud-service-pool to download Forensics tool in remediation mode. |
/forensic/continue-element |
string | optional | read/write | Specifies the HTML element with continue option that replaces %SKIP_PART% in the entire html when enforce-policy is enforce. | |
/forensic/exe-location |
string | /files/forensics.exe | optional | read/write | Specifies the BIG-IP URL path to download Forensics tool that also replaces %EXE_LOCATION% in the entire html. |
/forensic/html |
string | optional | read/write | Specifies the HTML code the system sends to the user after successful login with option to download Forensics tool. | |
/forensic/self-post-location |
string | /html/selfpost.html | optional | read/write | Specifies the BIG-IP URL path for self POST page opened by Forensics tool during scanning. |
/forensic/skip-element |
string | optional | read/write | Specifies the HTML element with skip option that replaces %SKIP_PART% in the entire html when enforce-policy is not enforce. | |
/forensic/skip-path |
string | /skipforensics/ | optional | read/write | Specifies the BIG-IP URL path for skip / continue option that also replaces %SKIP_PATH% in both continue-element and skip-element (before their replacement in the entire html). |
/forensic/alert-path |
string | /nstats/ | optional | read/write | Specifies the BIG-IP URL path for alerts from Forensics tool. |
/forensic/client-domains |
string | optional | read/write | Configures a list of client domains to be resolved by Forensics tool. | |
/forensic/cloud-config-path |
string | /forensicscloud/ | optional | read/write | Specifies the BIG-IP URL path for requests from Forensics tool to cloud-service-pool. |
/forensic/cloud-forensics-mode |
integer | 0 | optional | read/write | Specifies the numeric value sent to cloud-service-pool to download Forensics tool. |
/forensic/cloud-remediation-mode |
integer | 1 | optional | read/write | Specifies the numeric value sent to cloud-service-pool to download Forensics tool in remediation mode. |
/forensic/continue-element |
string | optional | read/write | Specifies the HTML element with continue option that replaces %SKIP_PART% in the entire html when enforce-policy is enforce. | |
/forensic/exe-location |
string | /files/forensics.exe | optional | read/write | Specifies the BIG-IP URL path to download Forensics tool that also replaces %EXE_LOCATION% in the entire html. |
/forensic/html |
string | optional | read/write | Specifies the HTML code the system sends to the user after successful login with option to download Forensics tool. | |
/forensic/self-post-location |
string | /html/selfpost.html | optional | read/write | Specifies the BIG-IP URL path for self POST page opened by Forensics tool during scanning. |
/forensic/skip-element |
string | optional | read/write | Specifies the HTML element with skip option that replaces %SKIP_PART% in the entire html when enforce-policy is not enforce. | |
/forensic/skip-path |
string | /skipforensics/ | optional | read/write | Specifies the BIG-IP URL path for skip / continue option that also replaces %SKIP_PATH% in both continue-element and skip-element (before their replacement in the entire html). |
/inject-main-javascript |
array_structure | optional | read/write | ||
/inject-main-javascript/after |
boolean | false | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the main JavaScript after an opening tag. |
/inject-main-javascript/before |
boolean | false | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the main JavaScript before a closing tag. |
/inject-main-javascript/tag |
string | /head | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies the HTML tag for injection of the main JavaScript. |
/inject-main-javascript/after |
boolean | false | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the main JavaScript after an opening tag. |
/inject-main-javascript/before |
boolean | false | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the main JavaScript before a closing tag. |
/inject-main-javascript/tag |
string | /head | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies the HTML tag for injection of the main JavaScript. |
/malware |
array_structure | optional | read/write | ||
/malware/allowed-domains |
string | optional | read/write | Configures a list of whitelisted domains. The system does not send alerts on requests for URLs from these domains, even if the system detects malware injection on these domains. | |
/malware/bait-check-generic |
string | enabled | optional | read/write | Specifies, when enabled, that the system checks predefined baits. |
/malware/bait-content |
string | optional | read/write | ||
/malware/bait-location |
string | /files/html/banner.html | optional | read/write | Specifies the BIG-IP URL location of a file that acts as bait for attackers. |
/malware/blacklist-words |
string | optional | read/write | Deprecated since v13.0.0. Please use blacklist-js-words and blacklist-words in detected-malware instead. Configures a list of words that are blacklisted if they appear in the web application’s HTML or JavaScript code. If the system detects these words, the system generates a malware alert. | |
/malware/domain-availability-urls |
string | optional | read/write | Deprecated since v13.0.0. Please use blacklist-urls and whitelist-urls in domain-availability under detected-malware instead. Specifies a JSON object containing URLs for which client network connectivity should be checked. | |
/malware/external-sources-targets |
string | optional | read/write | Configures a list of HTML element types and their attributes for which external injections should be checked. | |
/malware/flash-cookie-content |
string | optional | read/write | Specifies the flash file (in hexadecimal format) used to allow JavaScript to access the Flash object on the client side. | |
/malware/flash-cookie-location |
string | /files/ad.swf | optional | read/write | Specifies the BIG-IP URL location of the SWF file that JavaScript requests to get the Flash file. |
/malware/flash-cookies |
string | disabled | optional | read/write | Specifies, when enabled, that the system may use a Flash shared object (FSO) as a place to store an alternative malware cookie. |
/malware/generic-whitelist-words |
string | optional | read/write | Deprecated since v13.0.0. Please use generic-whitelist-words in detected-malware instead. Configures a list of generic blacklisted words that are ignored. | |
/malware/inline-scripts-whitelist-signatures |
string | optional | read/write | Configures a list of signatures for allowed inline scripts. | |
/malware/source-integrity-location |
string | /istats/ | optional | read/write | Specifies the BIG-IP URL path where the system collects information about the HTML source from multiple users. |
/malware/detected-malware |
array_structure | optional | read/write | ||
/malware/detected-malware/app-service |
string | optional | read/write | ||
/malware/detected-malware/blacklist-functions |
string | optional | read/write | Configures a list of regular expression patterns to detect functions that this malware can use when executing AJAX requests. | |
/malware/detected-malware/blacklist-js-words |
string | optional | read/write | Configures a list of words that are blacklisted if they appear in the JavaScript code. If the system detects these words, the system generates a malware alert. | |
/malware/detected-malware/blacklist-urls |
string | optional | read/write | Configures a list of regular expression patterns to detect URLs that this malware can use for AJAX requests and external scripts. | |
/malware/detected-malware/blacklist-words |
string | optional | read/write | Configures a list of words that are blacklisted if they appear in the web application’s HTML code. If the system detects these words, the system generates a malware alert. | |
/malware/detected-malware/generic-whitelist-words |
string | optional | read/write | Configures a list of generic blacklisted words that are ignored. | |
/malware/removed-scripts |
array_structure | optional | read/write | ||
/malware/removed-scripts/blacklist-functions |
string | optional | read/write | Configures a list of functions that are used for detecting self-removed malicious scripts. | |
/malware/removed-scripts/whitelist-functions |
string | optional | read/write | Configures a list of functions that are NOT used for detecting self-removed malicious scripts. | |
/malware/removed-scripts/blacklist-functions |
string | optional | read/write | Configures a list of functions that are used for detecting self-removed malicious scripts. | |
/malware/removed-scripts/whitelist-functions |
string | optional | read/write | Configures a list of functions that are NOT used for detecting self-removed malicious scripts. | |
/malware/web-rootkit |
array_structure | optional | read/write | ||
/malware/web-rootkit/blacklist-functions |
string | optional | read/write | Configures a list of additional functions to be checked. | |
/malware/web-rootkit/whitelist-functions |
string | optional | read/write | Configures a list of native functions that are allowed to be overwritten. | |
/malware/web-rootkit/blacklist-functions |
string | optional | read/write | Configures a list of additional functions to be checked. | |
/malware/web-rootkit/whitelist-functions |
string | optional | read/write | Configures a list of native functions that are allowed to be overwritten. | |
/malware/allowed-domains |
string | optional | read/write | Configures a list of whitelisted domains. The system does not send alerts on requests for URLs from these domains, even if the system detects malware injection on these domains. | |
/malware/bait-check-generic |
string | enabled | optional | read/write | Specifies, when enabled, that the system checks predefined baits. |
/malware/bait-content |
string | optional | read/write | ||
/malware/bait-location |
string | /files/html/banner.html | optional | read/write | Specifies the BIG-IP URL location of a file that acts as bait for attackers. |
/malware/blacklist-words |
string | optional | read/write | Deprecated since v13.0.0. Please use blacklist-js-words and blacklist-words in detected-malware instead. Configures a list of words that are blacklisted if they appear in the web application’s HTML or JavaScript code. If the system detects these words, the system generates a malware alert. | |
/malware/domain-availability-urls |
string | optional | read/write | Deprecated since v13.0.0. Please use blacklist-urls and whitelist-urls in domain-availability under detected-malware instead. Specifies a JSON object containing URLs for which client network connectivity should be checked. | |
/malware/external-sources-targets |
string | optional | read/write | Configures a list of HTML element types and their attributes for which external injections should be checked. | |
/malware/flash-cookie-content |
string | optional | read/write | Specifies the flash file (in hexadecimal format) used to allow JavaScript to access the Flash object on the client side. | |
/malware/flash-cookie-location |
string | /files/ad.swf | optional | read/write | Specifies the BIG-IP URL location of the SWF file that JavaScript requests to get the Flash file. |
/malware/flash-cookies |
string | disabled | optional | read/write | Specifies, when enabled, that the system may use a Flash shared object (FSO) as a place to store an alternative malware cookie. |
/malware/generic-whitelist-words |
string | optional | read/write | Deprecated since v13.0.0. Please use generic-whitelist-words in detected-malware instead. Configures a list of generic blacklisted words that are ignored. | |
/malware/inline-scripts-whitelist-signatures |
string | optional | read/write | Configures a list of signatures for allowed inline scripts. | |
/malware/source-integrity-location |
string | /istats/ | optional | read/write | Specifies the BIG-IP URL path where the system collects information about the HTML source from multiple users. |
/mobilesafe |
array_structure | optional | read/write | ||
/mobilesafe/alert-custom-config |
string | optional | read/write | Specifies alert custom configuration for SDK forward compatibility. | |
/mobilesafe/alert-threshold |
integer | 24 | optional | read/write | Specifies the minimal score for sending alerts from mobile devices. |
/mobilesafe/general-custom-config |
string | optional | read/write | Specifies general custom configuration for SDK forward compatibility. | |
/mobilesafe/app-integrity |
array_structure | optional | read/write | ||
/mobilesafe/app-integrity/custom-config |
string | optional | read/write | Specifies custom configuration of Application integrity for SDK forward compatibility. | |
/mobilesafe/app-integrity/disabled |
boolean | true | optional | read/write | Disables Application integrity. |
/mobilesafe/app-integrity/enabled |
boolean | true | optional | read/write | Enables Application integrity. |
/mobilesafe/app-integrity/android |
array_structure | optional | read/write | ||
/mobilesafe/app-integrity/android/score |
integer | 100 | optional | read/write | Specifies Application integrity score for Android platform. |
/mobilesafe/app-integrity/android/signature |
string | optional | read/write | Specifies signature of Android application (in hexadecimal format). | |
/mobilesafe/app-integrity/android/score |
integer | 100 | optional | read/write | Specifies Application integrity score for Android platform. |
/mobilesafe/app-integrity/android/signature |
string | optional | read/write | Specifies signature of Android application (in hexadecimal format). | |
/mobilesafe/app-integrity/ios |
array_structure | optional | read/write | ||
/mobilesafe/app-integrity/ios/score |
integer | 100 | optional | read/write | Specifies Application integrity score for iOS platform. |
/mobilesafe/app-integrity/ios/hashes |
array_structure | optional | read/write | ||
/mobilesafe/app-integrity/ios/hashes/app-service |
string | optional | read/write | ||
/mobilesafe/app-integrity/ios/hashes/version |
string | optional | read/write | Specifies iOS Application version for this hash. | |
/mobilesafe/app-integrity/ios/score |
integer | 100 | optional | read/write | Specifies Application integrity score for iOS platform. |
/mobilesafe/app-integrity/custom-config |
string | optional | read/write | Specifies custom configuration of Application integrity for SDK forward compatibility. | |
/mobilesafe/app-integrity/disabled |
boolean | true | optional | read/write | Disables Application integrity. |
/mobilesafe/app-integrity/enabled |
boolean | true | optional | read/write | Enables Application integrity. |
/mobilesafe/malware |
array_structure | optional | read/write | ||
/mobilesafe/malware/check-custom |
string | enabled | optional | read/write | Enables or disables custom malware check. |
/mobilesafe/malware/check-generic |
string | enabled | optional | read/write | Enables or disables generic malware check. |
/mobilesafe/malware/custom-config |
string | optional | read/write | Specifies custom configuration of Malware detection for SDK forward compatibility. | |
/mobilesafe/malware/disabled |
boolean | true | optional | read/write | Disables Malware detection. |
/mobilesafe/malware/enabled |
boolean | true | optional | read/write | Enables Malware check. |
/mobilesafe/malware/android |
array_structure | optional | read/write | ||
/mobilesafe/malware/android/custom-malware |
array_structure | optional | read/write | ||
/mobilesafe/malware/android/custom-malware/app-service |
string | optional | read/write | ||
/mobilesafe/malware/android/custom-malware/package |
string | optional | read/write | Specifies package of checked Android malware. | |
/mobilesafe/malware/android/custom-malware/score |
integer | 25 | optional | read/write | Specifies score for checked Android malware. |
/mobilesafe/malware/android/custom-whitelist |
array_structure | optional | read/write | ||
/mobilesafe/malware/android/custom-whitelist/app-service |
string | optional | read/write | ||
/mobilesafe/malware/android/custom-whitelist/package |
string | optional | read/write | Specifies package of whitelist Android application. | |
/mobilesafe/malware/behaviour-analysis |
array_structure | optional | read/write | ||
/mobilesafe/malware/behaviour-analysis/run |
string | enabled | optional | read/write | Enables or disables behavior analysis run. |
/mobilesafe/malware/behaviour-analysis/score |
integer | 25 | optional | read/write | Specifies score for behavior analysis. |
/mobilesafe/malware/behaviour-analysis/run |
string | enabled | optional | read/write | Enables or disables behavior analysis run. |
/mobilesafe/malware/behaviour-analysis/score |
integer | 25 | optional | read/write | Specifies score for behavior analysis. |
/mobilesafe/malware/ios |
array_structure | optional | read/write | ||
/mobilesafe/malware/ios/custom-malware |
array_structure | optional | read/write | ||
/mobilesafe/malware/ios/custom-malware/app-service |
string | optional | read/write | ||
/mobilesafe/malware/ios/custom-malware/path |
string | optional | read/write | Specifies path of checked iOS malware. | |
/mobilesafe/malware/ios/custom-malware/score |
integer | 25 | optional | read/write | Specifies score for checked iOS malware. |
/mobilesafe/malware/ios/custom-whitelist |
array_structure | optional | read/write | ||
/mobilesafe/malware/ios/custom-whitelist/app-service |
string | optional | read/write | ||
/mobilesafe/malware/ios/custom-whitelist/path |
string | optional | read/write | Specifies path of whitelist iOS application. | |
/mobilesafe/malware/check-custom |
string | enabled | optional | read/write | Enables or disables custom malware check. |
/mobilesafe/malware/check-generic |
string | enabled | optional | read/write | Enables or disables generic malware check. |
/mobilesafe/malware/custom-config |
string | optional | read/write | Specifies custom configuration of Malware detection for SDK forward compatibility. | |
/mobilesafe/malware/disabled |
boolean | true | optional | read/write | Disables Malware detection. |
/mobilesafe/malware/enabled |
boolean | true | optional | read/write | Enables Malware check. |
/mobilesafe/mitm |
array_structure | optional | read/write | ||
/mobilesafe/mitm/certificate-custom-config |
string | optional | read/write | Specifies custom configuration of Certificate forging detection for SDK forward compatibility. | |
/mobilesafe/mitm/disabled |
boolean | true | optional | read/write | Disables Man-in-the-middle detection. |
/mobilesafe/mitm/dns-custom-config |
string | optional | read/write | Specifies custom configuration of DNS spoofing detection for SDK forward compatibility. | |
/mobilesafe/mitm/enabled |
boolean | true | optional | read/write | Enables Man-in-the-middle detection. |
/mobilesafe/mitm/domains |
array_structure | optional | read/write | ||
/mobilesafe/mitm/domains/app-service |
string | optional | read/write | ||
/mobilesafe/mitm/certificate-custom-config |
string | optional | read/write | Specifies custom configuration of Certificate forging detection for SDK forward compatibility. | |
/mobilesafe/mitm/disabled |
boolean | true | optional | read/write | Disables Man-in-the-middle detection. |
/mobilesafe/mitm/dns-custom-config |
string | optional | read/write | Specifies custom configuration of DNS spoofing detection for SDK forward compatibility. | |
/mobilesafe/mitm/enabled |
boolean | true | optional | read/write | Enables Man-in-the-middle detection. |
/mobilesafe/os-security |
array_structure | optional | read/write | ||
/mobilesafe/os-security/custom-config |
string | optional | read/write | Specifies custom configuration of OS security for SDK forward compatibility. | |
/mobilesafe/os-security/disabled |
boolean | true | optional | read/write | Disables OS security. |
/mobilesafe/os-security/enabled |
boolean | true | optional | read/write | Enables OS security. |
/mobilesafe/os-security/android |
array_structure | optional | read/write | ||
/mobilesafe/os-security/android/untrusted-apps-score |
integer | 20 | optional | read/write | Specifies score for untrusted applications. |
/mobilesafe/os-security/android/versions |
array_structure | optional | read/write | ||
/mobilesafe/os-security/android/versions/app-service |
string | optional | read/write | ||
/mobilesafe/os-security/android/versions/from |
string | optional | read/write | Specifies Android version number from which OS is unpatched. | |
/mobilesafe/os-security/android/versions/score |
integer | optional | read/write | Specifies score for Android version range. | |
/mobilesafe/os-security/android/versions/to |
string | optional | read/write | Specifies Android version number to which OS is unpatched. | |
/mobilesafe/os-security/android/untrusted-apps-score |
integer | 20 | optional | read/write | Specifies score for untrusted applications. |
/mobilesafe/os-security/ios |
array_structure | optional | read/write | ||
/mobilesafe/os-security/ios/versions |
array_structure | optional | read/write | ||
/mobilesafe/os-security/ios/versions/app-service |
string | optional | read/write | ||
/mobilesafe/os-security/ios/versions/from |
string | optional | read/write | Specifies iOS version number from which OS is unpatched. | |
/mobilesafe/os-security/ios/versions/score |
integer | optional | read/write | Specifies score for iOS version range. | |
/mobilesafe/os-security/ios/versions/to |
string | optional | read/write | Specifies iOS version number to which OS is unpatched. | |
/mobilesafe/os-security/custom-config |
string | optional | read/write | Specifies custom configuration of OS security for SDK forward compatibility. | |
/mobilesafe/os-security/disabled |
boolean | true | optional | read/write | Disables OS security. |
/mobilesafe/os-security/enabled |
boolean | true | optional | read/write | Enables OS security. |
/mobilesafe/rooting-jailbreak |
array_structure | optional | read/write | ||
/mobilesafe/rooting-jailbreak/custom-config |
string | optional | read/write | Specifies custom configuration of Rooting / Jailbreak detection for SDK forward compatibility. | |
/mobilesafe/rooting-jailbreak/disabled |
boolean | true | optional | read/write | Disables Rooting / Jailbreak detection. |
/mobilesafe/rooting-jailbreak/enabled |
boolean | true | optional | read/write | Enables Rooting / Jailbreak detection. |
/mobilesafe/rooting-jailbreak/jailbreak-score |
integer | 25 | optional | read/write | Specifies score for jailbreak on iOS platform. |
/mobilesafe/rooting-jailbreak/rooting-score |
integer | 25 | optional | read/write | Specifies score for rooting on Android platform. |
/mobilesafe/rooting-jailbreak/custom-config |
string | optional | read/write | Specifies custom configuration of Rooting / Jailbreak detection for SDK forward compatibility. | |
/mobilesafe/rooting-jailbreak/disabled |
boolean | true | optional | read/write | Disables Rooting / Jailbreak detection. |
/mobilesafe/rooting-jailbreak/enabled |
boolean | true | optional | read/write | Enables Rooting / Jailbreak detection. |
/mobilesafe/rooting-jailbreak/jailbreak-score |
integer | 25 | optional | read/write | Specifies score for jailbreak on iOS platform. |
/mobilesafe/rooting-jailbreak/rooting-score |
integer | 25 | optional | read/write | Specifies score for rooting on Android platform. |
/mobilesafe/alert-custom-config |
string | optional | read/write | Specifies alert custom configuration for SDK forward compatibility. | |
/mobilesafe/alert-threshold |
integer | 24 | optional | read/write | Specifies the minimal score for sending alerts from mobile devices. |
/mobilesafe/general-custom-config |
string | optional | read/write | Specifies general custom configuration for SDK forward compatibility. | |
/phishing |
array_structure | optional | read/write | ||
/phishing/alert-path |
string | /phstats/ | optional | read/write | Specifies the BIG-IP URL path for alerts from the phishing inline script. |
/phishing/allowed-elements |
string | optional | read/write | Configures a list of URLs for which referrer checks are ignored. | |
/phishing/allowed-referrers |
string | optional | read/write | Configures a list of excepted domains that are allowed to request resources from the protected web application. | |
/phishing/application-css |
string | disabled | optional | read/write | Specifies, when enabled, that the system injects the CSS content to the existing application CSS files. |
/phishing/application-css-locations |
string | optional | read/write | Configures a list of the server URL locations of the application CSS files. | |
/phishing/css-attribute-name |
string | clear2both | optional | read/write | Specifies the attribute name as part of the CSS content. |
/phishing/css-content |
string | optional | read/write | ||
/phishing/css-location |
string | /files/css/style.css | optional | read/write | Specifies the BIG-IP URL location of the CSS file. |
/phishing/expiration-checks |
string | enabled | optional | read/write | Specifies, when enabled, that the system sends an alert if expired JavaScript engine files are used, as this is an indication of a phishing attack. |
/phishing/image-location |
string | /images/bsrmu.gif | optional | read/write | Specifies the BIG-IP URL location of the 1x1 pixel image file. |
/phishing/protected-elements |
string | optional | read/write | Configures a list of URLs for which referrer header value is checked. | |
/phishing/referrer-checks |
string | disabled | optional | read/write | Specifies, when enabled, that the system verifies (checks) requests coming to the web application for resources from different domains. |
/phishing/inject-css-element |
array_structure | optional | read/write | ||
/phishing/inject-css-element/after |
boolean | false | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the CSS element after an opening tag. |
/phishing/inject-css-element/before |
boolean | false | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the CSS element before a closing tag. |
/phishing/inject-css-element/tag |
string | /body | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies the HTML tag for injection of the CSS element. |
/phishing/inject-css-element/after |
boolean | false | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the CSS element after an opening tag. |
/phishing/inject-css-element/before |
boolean | false | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the CSS element before a closing tag. |
/phishing/inject-css-element/tag |
string | /body | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies the HTML tag for injection of the CSS element. |
/phishing/inject-css-link |
array_structure | optional | read/write | ||
/phishing/inject-css-link/after |
boolean | true | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the CSS link after an opening tag. |
/phishing/inject-css-link/before |
boolean | true | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the CSS link before a closing tag. |
/phishing/inject-css-link/tag |
string | head | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies the HTML tag for injection of the CSS link. |
/phishing/inject-css-link/after |
boolean | true | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the CSS link after an opening tag. |
/phishing/inject-css-link/before |
boolean | true | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the system injects the CSS link before a closing tag. |
/phishing/inject-css-link/tag |
string | head | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies the HTML tag for injection of the CSS link. |
/phishing/inject-inline-javascript |
array_structure | optional | read/write | ||
/phishing/inject-inline-javascript/after |
boolean | true | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the phishing inline script and image are injected after an opening tag. |
/phishing/inject-inline-javascript/before |
boolean | true | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the phishing inline script and image are injected before a closing tag. |
/phishing/inject-inline-javascript/tag |
string | body | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies the HTML tag for injection of the phishing inline script and image. |
/phishing/inject-inline-javascript/after |
boolean | true | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the phishing inline script and image are injected after an opening tag. |
/phishing/inject-inline-javascript/before |
boolean | true | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies that the phishing inline script and image are injected before a closing tag. |
/phishing/inject-inline-javascript/tag |
string | body | optional | read/write | Deprecated since v12.1.3 (excluding v13.0.0). Please use same configuration in a specific URL instead. Specifies the HTML tag for injection of the phishing inline script and image. |
/phishing/alert-path |
string | /phstats/ | optional | read/write | Specifies the BIG-IP URL path for alerts from the phishing inline script. |
/phishing/allowed-elements |
string | optional | read/write | Configures a list of URLs for which referrer checks are ignored. | |
/phishing/allowed-referrers |
string | optional | read/write | Configures a list of excepted domains that are allowed to request resources from the protected web application. | |
/phishing/application-css |
string | disabled | optional | read/write | Specifies, when enabled, that the system injects the CSS content to the existing application CSS files. |
/phishing/application-css-locations |
string | optional | read/write | Configures a list of the server URL locations of the application CSS files. | |
/phishing/css-attribute-name |
string | clear2both | optional | read/write | Specifies the attribute name as part of the CSS content. |
/phishing/css-content |
string | optional | read/write | ||
/phishing/css-location |
string | /files/css/style.css | optional | read/write | Specifies the BIG-IP URL location of the CSS file. |
/phishing/expiration-checks |
string | enabled | optional | read/write | Specifies, when enabled, that the system sends an alert if expired JavaScript engine files are used, as this is an indication of a phishing attack. |
/phishing/image-location |
string | /images/bsrmu.gif | optional | read/write | Specifies the BIG-IP URL location of the 1x1 pixel image file. |
/phishing/protected-elements |
string | optional | read/write | Configures a list of URLs for which referrer header value is checked. | |
/phishing/referrer-checks |
string | disabled | optional | read/write | Specifies, when enabled, that the system verifies (checks) requests coming to the web application for resources from different domains. |
Array Structures
| Name | Type | Default Value | Required | Access | Description |
|---|---|---|---|---|---|
/rules |
array_structure | optional | read/write | ||
/rules/action |
string | web-service | optional | read/write | Specifies the type of the action that the system performs when this event is detected. |
/rules/app-service |
string | optional | read/write | ||
/rules/duration |
integer | 1440 | optional | read/write | Specifies number of minutes during which the system performs the action block-user, forensic, inspection, remediation or route. |
/rules/enforce-policy |
string | time-limited | optional | read/write | Specifies enforcement policy for the action block-user, remediation, forensic or inspection. |
/rules/min-score |
integer | optional | read/write | Specifies the lowest score of this event necessary for the system to perform the action. | |
/rules/payload |
string | username=%USERNAME%&client_ip=%CLIENT_IP%&event_type=%EVENT_TYPE%&score=%SCORE%&host=%HOST%&application_cookies=%APPLICATION_COOKIES%&transaction_id=%TRANSACTION_ID%&fingerprint=%FINGERPRINT% | optional | read/write | Specifies the payload for the web-service action. |
/rules/pool |
string | optional | read/write | Specifies the name of the pool for the route action. | |
/rules/publisher |
string | optional | read/write | Specifies the name of the log publisher for the web-service action. | |
/rules/url |
string | optional | read/write | Specifies the URL for the action redirect or web-service. | |
/urls |
array_structure | optional | read/write | ||
/urls/app-service |
string | optional | read/write | ||
/urls/description |
string | optional | read/write | Specifies an optional description of this URL. | |
/urls/include-query-string |
string | disabled | optional | read/write | Specifies, when enabled, that the system includes query string of URLs to match this wildcard expression. The default value is disabled. |
/urls/inject-javascript |
string | enabled | optional | read/write | Enables or disables JavaScript injection into responses to this URL. The default value is enabled. |
/urls/mobilesafe-encryption |
string | disabled | optional | read/write | Specifies, when enabled, that the system protects requests for this URL from mobile devices with Application layer encryption. |
/urls/priority |
integer | optional | read/write | Specifies a unique ordinal number for this URL in the set of wildcard URLs. | |
/urls/type |
string | explicit | optional | read/write | Specifies a type of the URL, either explicit or wildcard. The default value is explicit. |
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.