-
Push updates when signatures are updated
Would be useful to be able to subscribe to signature update notifications. That is, when signatures are updated, get an email or notification.1
-
Allowing to set the content-type header for direct responses
In the Routes options of the load-balancer, setting up a Direct Response route makes that response returned with a content-type header set to "text/plain". That makes the web browser show the HTML code of the page instead of the web page. Promptin...2
-
Create additional monitoring-only options for WAF
You cannot simultaneously log low+medium accuracy attack signatures while blocking high accuracy attack signatures. A WAF must allow for more granular logging+blocking selections.0
-
Rewrite the hostname part of the 302 Location header response
When the "Host rewrite" feature is enabled on the HTTP Loadbalancer and the backend server responds with 302 redirects with absolute path Location header (which includes the hostname the was rewritten by the HTTP LB), we need a way to rewrite the ...
6
-
Configuration Versioning
It would add a lot of flexibility to have versions in the saved configurations to allow for faster rollback procedures when changes take place. Ideally, a user will be able to save the current configuration in a version and if a rollback procedure...0 Planned
-
DDOS protection dashboard
There is currently no dashboard displaying the status of the DDOS protection. It would be nice to have some metrics like standard traffic levels, usual attack types, burst absorbed, etc.0
-
Location HTTP response header rewriting
For example, nitass.ddns.net is origin FQDN. proxy-2.nitass.com is LB FQDN. The origin returns 301 redirect with http://nitass.ddns.net/newlocation but user expects http://proxy-2.nitass.com/newlocation . # curl -I http://159.60.140.120/oldlocatio...0
-
Enabling MFA for the Local Login of SSO Users
In the current configuration of F5 Distributed Cloud, SSO-enabled users retain the ability to log in locally as a fallback if SSO fails—this is by design. However, Multi-Factor Authentication (MFA) cannot be enforced for these local logins unless ...0
-
Disable specific Signature IDs from being allowed with AI/ML Model
We're seeing some signature IDs coming though we'd like to block, but AI/ML is allowing these signature IDs. Ideally we'd be able to create an exception within the console on specific signature IDs to not be evaluated by AI/ML so we can enforce th...1
-
GRANT USER ACCESS TO ONLY OVERVIEW SECTION
It would be nice if there is a way to profile a user so that they only have access to the Overview section in the Web App and API Protection Workspace. This is for a user that only wants security and performance insights into their applications. T...0