Forum Discussion

Nick_T_68319
Nov 18, 2009

cookie insert

So if I use the default F5 cookie, it names it like:

BIGipServerMYPOOLNAME

That's cool, but as a requirement from our infosec department, they want me to rename the cookie and encrypt it. Which is fine, but we have a lot of web sites. So I am wondering if I need to create one cookie profile per web site, or if there is a way to add a prefix to the end of the cookie like the default one.

For example, could I create a new cookie, name it

blah and have the F5 add the pool name to the end? Or do I just need to create one cookie profile per site?
  • I don't think you can alter BIGipServer. However, here is a forum post that talks about it:

    http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=30710&view=topic

    I hope this helps

    Bhattman
  • hoolio
    Yes, the default cookie name is BIGipServer. As far as I'm aware, you cannot modify the default cookie name prefix.

    If you set the cookie name to a custom one in a custom cookie insert persistence profile, LTM will use that explicitly for all cookies inserted. It won't be modified to anything else based on which pool a request is load balanced to. So if you want to customise the cookie name, you'd want to do this either with a custom cookie profile for each VIP (assuming one pool per VIP) or using an iRule. You can specify in a custom HTTP profile a cookie name to encrypt/decrypt the value for. You could also do the cookie encryption in an iRule.

    If you go the iRule route and want help, reply here for suggestions.

    Aaron
  • You could also open a ticket with F5 for a feature enhancement in their next OS upgrades.

    Bhattman