Forum Discussion

Cirrus

May 01, 2020

Cookie Encyrption Question - I'm confused

Recently we were notified by our Security team that the F5 cookies were not secure and needed to be adjusted. F5 BIG-IP Cookie Remote Information Disclosure (20089) (Tenable scan) I sta...

Nimbostratus

May 02, 2020

1. Enabling cookie persistence in F5 HTTP profile will encrypt all the cookies which are coming from backend servers.

2. You can use any password.

3. I would recommend to use new HTTP profile rather using the default HTTP profile.

4. If you do changes on the parent profile it will automatically reflect on the child profile. No need to refresh.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Cookie Encyrption Question - I'm confused

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Failing over Virtual F5 VE to DR location using Zerto

Failing over of a Virtual F5 configuration to another location using Zerto restore process

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

Related Content

Cache Confusion

AS3 TLS_Client VS TLS_Server Schema confusion

UCS Encryption Question

Site Launch Frequently Asked Questions

F5 Connection Mirroring question

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS