Forum Discussion

Altocumulus

Feb 11, 2020

Disable HTTP Options Method on Management Interface F5

Dear all,

Our customer just ran a pentest on F5 Mgmt IP and found vulnerability HTTP Options Method enable. I only know how to disable this on VIP IP using HTTP profile/irule but couldnt find a way to disable this on Mgmt interface. Could anyone let me know how can I accomplish this. Many thanks!

application delivery

big-ip

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Disable HTTP Options Method on Management Interface F5

3 Replies

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

Automating Certificate Management on F5 BIG-IP

Traffic Management User Interface Vulnerability: The Fix and Temporary Mitigation Options

management interface failover

Configuring Smart Card Authentication to BIG-IP Management Interface

Automating ACMEv2 Certificate Management on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS