Bug ID 994013: Modifying bot defense allow list via replace-all-with fails with match-order error ... Last Modified: Jun 28, 2025 ... Affected Product(s): ... An error occurs when modifying the allow list (or in case of 'load sys config verify' with similar configuration): 01b90026:3: Bot defense profile (/Common/bot-defense-device-id-generate-before-access) error: match-order should be unique. ... Impact ... You are unable to add-replace the bot defense allow list configuration ... Conditions ... -- Either modification via replace-all-with: tmsh modify security bot-defense profile bot-defense-device-id-generate-before-access whitelist replace-all-with { first_1 { match-order 1 source-address 10.0.0.0/8 url /foo } second_2 { match-order 2 source-address ::/32 url /bar } } -- Or delete all, add, save and load-verify: tmsh modify security bot-defense profile bot-defense-device-id-generate-before-access whitelist delete { all } tmsh modify security bot-defense profile bot-defense-devic...