Can deactivate this cookie as per audit report -possible impacts

Question

Dear all,&nbsp;
In the  audit report , an issue about a BIGip cookie is raised.  We think that this security issue is related to the load balancer for environment on preprod and prod who sets automatically this cookie for each client.&nbsp;
As per the report Can we please check if we can deactivate this cookie as recommended in this report ? And what are the possible impacts ?&nbsp;
Need to know is it possible If yes ..what are the possible impacts ??&nbsp;
Thanks in advance&nbsp;
Regards
Kamlesh Y&nbsp;

kevin_stewart · Answer

I think the only issue with the default cookie (insert) persistence profile is that it identifies the use of BIG-IP. The cookie is by default named
BIGipServer[pool name]

example:
BIGipServermytestpool

You can absolutely change the name of the persistence cookie to anything you want, with one caveat. The default cookie name includes the assigned pool name, while any name you choose will not. If you're load balancing between multiple pools in a single VIP and using cookie persistence, the default persistence cookie will be able to track each pool individually, while your custom cookie will not.

Forum Discussion

Can deactivate this cookie as per audit report -possible impacts

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

2026 301a exam

UCS Encryption Question

Unblock Request WAF

VIP in https that redirect to another vip in https

Related Content

Overview of MITRE ATT&CK Tactic: TA0040 - Impact

Technical Impacts of Open Banking and Financial Data Exchange on Financial Systems

Impact of restarting big3d service

TCL Error possibly causing TCP Resets?

Impact of disabling TCP Timestamp in TCP and fasl4 profile

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS