ltm rule event BOTDEFENSE REQUEST
iRule(1) BIG-IP TMSH Manual iRule(1)
BOTDEFENSE_REQUEST
Bot Defense event upon HTTP request, before action is decided.
DESCRIPTION
Triggered on an HTTP request (before the payload), after Bot Defense
finished processing the request, but before a decision is made on a
possible action. The event may be used to retrieve the data processed
by Bot Defense, query and override URL qualification for client-side
responses.
This event is triggered only when Proactive Bot Defense is enabled on
the DOS profile, and Bot Defense needs to make a decision on a possible
action. The event will not be triggered in the following cases: white-
listed IP address, black-listed geo-location, blocked by bot signature,
or mitigated by dosl7 attack.
Most of the command that are available on the HTTP_REQUEST event are
also available on the BOTDEFENSE_REQUEST event.
Note that commands which may suspend iRule processing are currently not
supported in this event and should not be used. Partial list of these
commands: after, persist, session, table, and RESOLV::lookup.
Examples
# EXAMPLE: Allow client-side challenges on a specific URL
when BOTDEFENSE_REQUEST {
if {[HTTP::uri] eq "/t/a.php"} {
BOTDEFENSE::cs_allowed true
}
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-12.1 --First introduced the event.
BIG-IP 2017-01-31 iRule(1)