Forum Discussion
Yozzer
Nimbostratus
NimbostratusASM blocked page redirect
When triggering an ASM signature we have a custom blocked page returned to the user who is then redirected to another page on the web server so that their session cookie is invalidated. Attacke...
I think via an iRule, you should be able to do this with the SIDEBAND command (https://clouddocs.f5.com/api/irules/SIDEBAND.html) - take the HTTP url that you currently have included in the redirect page, and should be able to use this in the iRule. (no personal experience with this one though).
Alternatively, are you familiar with ASM's Session Awareness functions? (Security ›› Application Security : Sessions and Logins : Session Tracking) You can enforce the session management on the ASM box, rather than on the backend webserver. Once enabled, you can also tell the F5 to block off particular sessions, IP's or usernames after X violations. Personally I prefer this option above session management on the backend server.
YozzerNimbostratus
NimbostratusThanks AlexBCT you helped a lot. I went down the Sideband route and it works perfectly to a http vip. I need to work out how to send the request to a https vip and which commands i need to add to handle the secure connection.