Triggered on an HTTP request (before the payload), after Bot Defense finished processing the request, but before a decision is made on a possible action. The event may be used to retrieve the data processed by Bot Defense, query and override URL qualification for client-side responses.
This event is triggered only when Proactive Bot Defense is enabled on the DOS profile, and Bot Defense needs to make a decision on a possible action. The event will not be triggered in the following cases: white-listed IP address, black-listed geo-location, blocked by bot signature, or mitigated by dosl7 attack.
Most of the command that are available on the HTTP_REQUEST event are also available on the BOTDEFENSE_REQUEST event.
Note that commands which may suspend iRule processing are currently not supported in this event and should not be used. Partial list of these commands: after, persist, session, table, and RESOLV::lookup.


Deprecated in BIG-IP Next v20.0.1


Example 1: Allow client-side challenges on a specific URL

     if {[HTTP::uri] eq "/t/a.php"} {
         BOTDEFENSE::cs_allowed true

Change Log

  • Introduced: BIGIP-12.1
  • Deprecated: BIGIP-20.0.1

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.