Forum Discussion

Nimbostratus

May 15, 2012

Cookie security - Encryption vs Secure+HttpOnly

Howdy, We're currently running a tweak version of the rule here https://devcentral.f5.com/weblogs/J...style.aspx on our 10.2 LTM's. it doesn't work well and has never been well integrated in...

app sec

BIG-IP Access Policy Manager (APM)

security

hooleylist

Cirrostratus

Jun 01, 2012

By the way, there's an RFE (BZ227347) for adding more native options for setting the HttpOnly and secure flags for cookies being sent in a response. Adding more cases to the request will help raise the visibility of the request.

Aaron

Recent Discussions

how to whitelist new source IP on F5 web UI access
Jan 02, 2025
Herman2024
F5 to read a combined CRL file
Jan 02, 2025
awan_m
Upgrade F5 BIGIP
Jan 02, 2025
Ollie_Alderson
ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?
Jan 02, 2025
russellasl00
MAC address of deleted VS IP address still responsive
Jan 02, 2025
Teddy_Brewski

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Cookie security - Encryption vs Secure+HttpOnly

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

F5 Security Podcasts

Secure and HTTPonly cookie

My Security+ Certification Journey

Certifications for security professionals

API security

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS