Forum Discussion
SanYang
Aug 31, 2023Cirrus
About Session Hijacking
Hello, I've been testing session hijacking lately. Here is my setting I have found that when I change SESSION or TS01340bfb individually, F5 blocks it. However, when I change bo...
Nikoolayy1
Sep 01, 2023MVP
Better see this as I do not see feature cookie only the main F5 cookie https://my.f5.com/manage/s/article/K6850
https://my.f5.com/manage/s/article/K95345460
Maybe enable session tracking and see that the SESSION cookie is enforced.
The ASM Feature cookies
The ASM Feature cookies are set for client requests when one or more BIG-IP ASM features are activated or enabled, such as the following policy features:
- Login/Logout page enforcement
- CSRF enforcement
- Session tracking
- Dynamic parameters
- CAPTCHA enforcement
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects