Forum Discussion
Cookie Does Not Contain The "secure" Attribute on ltm vip
OK..I am not sure about that we allowed to c provision a BIG-IP ASM (new) on F5 LB.
And I also checked with F5 TAC engineer and he suggested as below
"The security scan will test the traffic all the way through the virtual server, to the pool member. Since the BIG-IP virtual server is not generating the cookie, it must be the pool member server that is generating it. Therefore, the Qualys scan would be indicating that the vulnerable component is the server, NOT the BIG-IP virtual server."
So Finally he is pointing something to check on backend server.
so I am a bit confusion what decision need to take on this
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com