Forum Discussion

Icon for Altocumulus rank

Altocumulus

Feb 11, 2020

Disable HTTP Options Method on Management Interface F5

Dear all,

Our customer just ran a pentest on F5 Mgmt IP and found vulnerability HTTP Options Method enable. I only know how to disable this on VIP IP using HTTP profile/irule but couldnt find a way to disable this on Mgmt interface. Could anyone let me know how can I accomplish this. Many thanks!

application delivery

tuannguyen1712
Altocumulus
Feb 11, 2020
I'm looking for the solution!!!
Samir
MVP
Feb 11, 2020
You can restrict management ip address(SSH n HTTPS) rather then disabling options method.

SSH https://support.f5.com/csp/article/K5380
HTTPS https://support.f5.com/csp/article/K13309

Thanks
Jorge_A
Nimbostratus
Apr 02, 2020
https://support.f5.com/csp/article/K74566933

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming