Forum Discussion
f5gurunot
Feb 09, 2023Cirrus
BIG-IP 17.0 ASM Cookie based allow requests
Is it possible to allow requests through the ASM if the client sending the request has a unique cookie with a particular value? I want to whitelist these requests based on this cookie. If this is p...
- Feb 09, 2023
You can do using a local traffic policy:
- Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
- Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
- Reorder the rules so this rule takes precedence over the default rule.
- Save and publish the policy
- From your VS, remove the ASM auto policy and assign your new policy.
Amine_Kadimi
Feb 09, 2023MVP
You can do using a local traffic policy:
- Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
- Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
- Reorder the rules so this rule takes precedence over the default rule.
- Save and publish the policy
- From your VS, remove the ASM auto policy and assign your new policy.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects