BIG-IP 17.0 ASM Cookie based allow requests
Is it possible to allow requests through the ASM if the client sending the request has a unique cookie with a particular value? I want to whitelist these requests based on this cookie. If this is possible would someone please share with me how this is accomplished?
You can do using a local traffic policy:
- Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
- Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
- Reorder the rules so this rule takes precedence over the default rule.
- Save and publish the policy
- From your VS, remove the ASM auto policy and assign your new policy.