Follow

Q&A: Does F5 Silverline Support Rate Limiting?

 

Question

  • Does F5 Silverline Support Rate Limiting?
    • How does it work? 

Environment

  • Silverline WAF
  • Silverline DDoS
  • Proxy/Proxies
    • iRule

Answer

  • Yes, Silverline can offer support for Rate Limiting
    • For example:

      If a client IP triggers 5 POST request to "/login" URL within 5mins window and then block for 1 hour

      * The above example only checks 5 POST requests to "/login" URL within 5mins.
      It does not verify whether or not the POST requests were successful or not.
  • If you want to verify other conditions, do let us know so we can properly scope the protection 
    • Other conditions may include:
      • Expected response code vs unexpected? (200 for failure and 302 for successful login attempts)
      • Successful login message vs failed login message?
      • Please state if there are other conditions that may apply

Finally, to get started on the iRule/protection please provide the following information

1) The name of the iRule?
2) Are there any IPs you want to allowlist from this rate limit?
3) The Detect Rate? ( example:  5 POST Request )
4) The Detect Window? ( example: 5 Minutes )
5) The Block Duration? ( example: 1 Hour )
6) Is there a specific HTTP method you want the iRule to check (GET/POST) or does checking the HTTP method matter? ( example: POST)
7) URI to protect

Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request