Hi Muhammad,
To start, be sure that the challenge tag (e.g. <script type="text/javascript" src="<challenge-path-value>" async></script>) is included on the page you are testing on and the challenge path value you place on the page matches the challenge path configured in the iRule.
The easiest way to test if the requests are making it to us or not is to create a policy that blocks based on a specific header and then sending a request to your site with that header. If you see our block page, you'll know that the request is making it to us.
To create the policy:
1. Log into the Imperva Bot Management Console
2. Click on Connector
3. Make sure the site you want to check shows up in the Sites list (if the site is not in the list, you will need to create it and probably need to update the F5 connector configuration with the credentials that are provided)
4. Click on Policies
5. Click on the default policy for the site
6. Under the block section, click on Add Condition
7. Click on New Conditions and then click on Create next to Header
8. Give the condition a name such as
connector block test9. Fill out the header name with the header key you want to use, e.g.
block-test10. Fill out the header pattern with the header value you want to use, e.g.
block11. Click
Save12. Click
Publish ConfigurationTo test the policy you can use an extension for the browser of your choice (such as Modify Header Value (HTTP Headers) for
Chrome or
Firefox) to insert the header and value that you created in the policy. Alternatively, you could use curl to test by including the -H option and providing the header details from the policy you created, e.g. curl -H 'block-test: block'
http://example.com. However you send the request, you should see the Imperva block page.
If you don't see the block page, the first place to start troubleshooting is the LTM logs on the F5 load balancer (located at /var/log/ltm). You may see an error like the following:
Sep 11 09:30:45 <hostname> err tmm1[15150]: Rule /Common/imperva-f5/imperva-https <HTTP_REQUEST>: Client - <ip address>, Imperva failure :remoteAnalyze: Error: <error message>
The error message provided should give you a clue about why traffic to the analysis host is not working. Some possibilities are incorrect analysis host address, incorrect api keys, the domain is not created in the portal, or inability to route to the analysis host (this list is not exhaustive but just a few examples).
Take corrective action based on the error message you see and try again. If you don't see any log entries related to the connector iRule, it's likely that the rule is either not applied to the virtual server or the rule was not implemented correctly. Double check the implementation steps.
If you are unable to get the integration working on your own, you are always welcome to open a support ticket and we'll do our best to get you sorted.
Good Luck!
Derrick Lowder
------------------------------
Derrick Lowder
Tech Lead - ABP Operations
Imperva
------------------------------
Original Message:
Sent: 09-10-2020 16:49
From: Muhammad Shoaib
Subject: ABP and F5 Connector
Hello everyone,
I have been using Distil Networks ( on-prem deployment ) for some time but after its acquisition with Imperva, I am on a mission to migrate it from on-prem design to Imperva Cloud.
I took the F5 Connector path for this journey because our applications are tightly coupled with F5 Load balancers.
F5 Connector
I was wondering if someone here in this community has crossed this bridge and would like to share his experience or may help me out.
Currently, I have gone through the document and completed the following tasks :
- Configure the javascript and tcl files
- Create the F5 plugin
- Upload the plugin to the workspace
- Create a new pool for the analysis request
- Enable protection on a virtual server
It appears I am not receiving "cookies" from Imperva Cloud.
Basically, I want to know how to test the setup and what to look for in the headers that will confirm that it is working or if not then where it is breaking.
I highly appreciate in advance for any insight, tips or hints that will help me to land this plane sooner and safely.
Thank you
Muhammad Shoaib
#AdvancedBotProtection
------------------------------
Muhammad Shoaib
Paciolan Inc.
CA
------------------------------