Jump to content
  • 0

Rate-Limiting with Bot Management type and Captcha mitigation


Josh Slaney

Question

Posted

Hello,

I've been finding the documentation on the Bot Management to be very limiting  from Citrix.  I'm looking to implement rate-limiting for a specific application with a global based BOT policy.   For the rate-limit type I can do type: Session which the allows me to specify a specific cookie name to rate-limit off. If an application generates a cookie for each session lets call it "AppSession"  and each cookie for each client has a unique value .  Does the Netscaler itself track each session by the unique value of each individual client for the cookie specified in the policy?  Lets say for example i want to limit to no more than 2 requests over a 1 second interval.  In what scenarios would i specify a rate limit condition? If i wanted to narrow down to a specific url or other indicator?

Screenshot2024-11-07at11_25_58AM.thumb.png.b2e6a98e08024a3ccbe96d513033c0e9.png

Client

 

With regards to the captcha config on the bot management profile.  Is that just a spot where you configure the captcha service you want to use for mitigation  for say IP reputation? or does the netscaler itself perform the captcha?

Screenshot2024-11-07at11_32_49AM.thumb.png.278efaae8a95976b4c02c09dbc2d68fd.png

Thanks,

1 answer to this question

Recommended Posts

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...