Blocking client that uses existing cookie

Question

Hi,We are trying to block a client that uses existing cookie. We try to configure session hijacking protection but they are still able to connect.May I know another method to block the client that uses existing cookie?&nbsp;&nbsp;

paulius · Answer

What makes you believe they're using an existing cookie rather than receiving a new one?

jayson27 · Answer

Hi,We are running this to a UAT, and they are trying to access first the legitimate user once successfully login they copied the cookies of the legit user then it will be imported to another user browser.&nbsp;

zamroni777 · Answer

in my opinion, it's not valid test case for waf or reverse proxy such as f5 asm/ltm
because browsers also reuse non expired cookies in legitimate access.

i suggest the application should add captcha to verify human users.

if you have enough apm user session license, you can also put the app access via apm webtop portal.
my customer use this mechanism for corporate internet banking access.

paulius · Answer

To be clear, this is what you did already?
https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-implementations-14-1-0/preventing-session-hijacking-and-tracking-user-sessions.html

Forum Discussion

Blocking client that uses existing cookie

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

Related Content

Response and blocking page

Zero Trust building blocks - Machine Identity Management (MIM) and Workload Protection

Block Log4j with use of IOCs

Block destination IP by source IP

F5 BIG-IP and NGINX - Securing Your AWS VPC Lattice Applications for External Clients

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS