Forum Discussion

Cirrus

Jan 04, 2018

HTTP Header not detected

Hello All, We have got vulnerability " HTTP header not detected " for few of our F5 webtop URL .Do we know how we can fix this .? Do we have irule which can be applied to fix this ? These U...

application delivery

BIG-IP Access Policy Manager (APM)

LTM

security

Jad_Tabbara__J1

Cirrostratus

Jan 04, 2018

Hello Puluck,

How did you detect this vulnerability ? If using a known vulnerability scanner such as Qualys or other, could you add the description given by the editor for this vulnerability...

Indeed it will help us to give you the best manner to treat this.

APM has by default security options such as the "Secure" & "HTTP Only" flags for cookie headers.

Once we know why the scanner is raising this vulnerability we can add more security headers to enforce your webtop.

Regards

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

HTTP Header not detected

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

Question regarding F5 Viprion Configuration Migration to VE.

Mutual TSL Between Two BigIPs

Big-Ip Edge Client specials characters problems

Which encyrtion algorithm is used when making Kerberos ticket encyrtion.

iControl for Gtm wideip

Related Content

F5 Distributed Cloud JA4 detection for enhanced performance and detection

F5 NGINX HTTP Request Header Rules: What’s Permitted and What’s Not

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

Bidirectional Forwarding Detection (BFD) Protocol Cheat Sheet

HTTP redirect to HTTPS with pool down detection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS