F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

SteveEason's avatar
SteveEason
Icon for Cirrus rankCirrus
May 01, 2020

Cookie Encyrption Question - I'm confused

Recently we were notified by our Security team that the F5 cookies were not secure and needed to be adjusted.   F5 BIG-IP Cookie Remote Information Disclosure (20089) (Tenable scan)   I sta...
BIG-IP
devops
LTM
Kareemmd's avatar
Kareemmd
Icon for Nimbostratus rankNimbostratus
May 01, 2020

1. Enabling cookie persistence in F5 HTTP profile will encrypt all the cookies which are coming from backend servers.

2. You can use any password.

3​. I would recommend to use new HTTP profile rather using the default HTTP profile.

4. If you do changes on the parent profile it will automatically reflect on the child profile. No need to refresh.