For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Joel_66443's avatar
Joel_66443
Icon for Nimbostratus rankNimbostratus
Jun 16, 2009

Encrypting POST variables before they hit the server

Hi All,   I'm attempting to encrypt two form variables as they are in transit from the user's browser to the web server. That is, I want to encrypt the two variables before they hit the web serv...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Jun 16, 2009
Hi,

 

 

There are a few issues with the example you posted. I'll provide some suggestions on how to do this in a bit, but first I'm wondering why you would encrypt just portions of this data only between LTM and the server(s). Can you explain the use case for this?

 

 

If you're sending credit card numbers over an untrusted network it should be done with the entire connection encrypted. It would be more efficient in terms of LTM resources to encrypt the connection versus individual components of the request. It would also eliminate the need for the application to decode and decrypt the parameters.

 

 

Aaron