For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Satriaji's avatar
Satriaji
Icon for Cirrus rankCirrus
Dec 29, 2022
Solved

Config NGINX to F5

Hi everyone, I have VS.   NGINX require script to implement at F5 profile but i dont know where I must config at F5 configuration. Here the NGINX requirement : client_max_body_size 5000M; ...
application delivery
cloud
devops
NGINX
profile
security
  • buulam's avatar
    buulam
    Jan 11, 2023

    Hi Satriaji , there are no equivalent settings within Local Traffic Manager but rather they can be found in Application Security Manager or AWAF.

    client_max_body_size  (awaf setting – file uploads max size)

    client_body_buffer_size (awaf setting – advanced config -> System Variables -> request_buffer_size)

    client_body_timeout and client_header_timeout (awaf setting - advanced config -> System Variables -> slow_transaction_timeout) Note: we can do idle timeouts with Fasthttp profiles but not standard http profiles.

    These are our default profile timeouts. https://support.f5.com/csp/article/K7606  The standard http profile will make it so a (tcp) connection to the backend will not occur until it has a fully rfc compliant http request from the client so it does offer some native protection from slow http type attacks.

    Good article on mitigating slow post if that’s a primary concern here. https://support.f5.com/csp/article/K42552578

Leslie_Hubertus's avatar
Leslie_Hubertus
Ret. Employee
Jan 05, 2023

Hi Satriaji - I think  that your post might not have gotten an answer because of the holiday lull in traffic. I've asked one of my teammates to take a look and see if they can help you out, and will also feature this in this week's Highlights article to get more eyes on it.