Forum Discussion

Nimbostratus

Jan 20, 2009

Could someone shed light on "Modified Domain Cookie" violations?

I need some help in understanding the modified cookie domain violation. Does ASM report it when a cookie gets modified at the client side (browser)? and does it also report when a cookie gets updated ...

app sec

BIG-IP Access Policy Manager (APM)

security

Chris_Paulraj_1

Nimbostratus

Jan 27, 2009

Thank you Javier, You are right on, we do see those violations. Does it also flag when the protocol is switched? We get Bigip affinity cookie from our public site using HTTP and when we switch to HTTPS at the time of login, it is flagging both affinity cookies with Modified Domain cookies violation. (two different pools - one for HTTP and one for HTTPS)

thanks again

Chris

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Could someone shed light on "Modified Domain Cookie" violations?

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Cisco TACACS+ Config on ISE LTM Pair

How can I get started with iCall

Checking for X-Forwarded-For against an Address Data-Group

SSL Bridging and FQDN rewrite Policy

iRule causing requests to be duplicated (sometimes)

Related Content

Modern Template "Decision Box" modify "title" item

Rewrite single cookie "USERCOOKIE" domain if cookie domain is "www1.test,example.com"

Separating False Positives from Legitimate Violations

Sliding session for "FedAuth" Persistent cookie delivered by ADFS

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS