Encrypt URL's and querystrings

Question

I know about the SSN and credit card scrubber, but is it possible to search the payload for http href's and replace them with an encrypted string them decrypt it on the way back in.&nbsp;
&nbsp;We have some info in our querystrings that we would like to hide using the loadbalancer until the development staff can make the appropriate change to the code.&nbsp;
&nbsp;Any help would be greatly appreciated.&nbsp;
&nbsp;Thanks,
&nbsp;Eric

hoolio · Answer

Hi,&nbsp;
&nbsp;You should be able to use the credit card scrubber rule (Click here) as an example for inspecting and replacing the HTTP response content.   You could search for the URLs/URIs in the response content and use the AES functions (Click here) to encrypt the content.  On subsequent responses, you could use HTTP::header or HTTP::uri to decrypt the strings.&nbsp;
&nbsp;If there is sensitive data in the HTTP response headers, you would need to en/decrypt that seperately using the HTTP::header functions (Click here).&nbsp;
&nbsp;Try starting with this and repost with any questions.&nbsp;
&nbsp;Aaron

tom_spector_50 · Answer

Please note that this would work provided there is no client side logic that uses these links or information in these links.

Forum Discussion

Encrypt URL's and querystrings

2 Replies

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

Encrypted UCS Backup with REST-API

Automate Let's Encrypt Certificates on BIG-IP

Load Balancing TCP TLS Encrypted Syslog Messages

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS