For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Ruggerfly1's avatar
Ruggerfly1
Icon for Nimbostratus rankNimbostratus
May 11, 2018

AWS Health Checker Sessions in APM

Good Morning,   What's the best way to clean or control sessions created by an External Health Check to my Virtuals protected by APM?   session.user.agent = ELB-HealthChecker   I was thinkin...
BIG-IP Access Policy Manager (APM)
cloud
LTM
August_Winterst's avatar
August_Winterst
Icon for Employee rankEmployee
Aug 25, 2020

In my testing of an AWS Network LB (TCP port 443 check) and Application LB (HTTPS request to the APM VS), the Network LB Health check did not leave any hung sessions in APM. For the Application LB, it should be configured to check '/my.logout.php3' instead of just '/'. Reasons:

 

  • going to the default of '/' results in a 302 for '/my.policy' and gives you a cookie. 302 isn't a valid response code by default in AWS and it opens a session in APM
  • going to '/my.policy' with the AWS health check results in a 302 for '/my.logout.php3' since the request doesn't contain a cookie that would have been provided when going to '/' and getting the 302 for '/my.policy'
  • going to '/my.logout.php3' does not require a cookie and results in a 200