Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Alan_Johnson_30's avatar
Alan_Johnson_30
Icon for Nimbostratus rankNimbostratus
Nov 29, 2017

HTTP Security Headers - LTM Policies

Hi folks, I'm trying to create some LTM Policies for the following: •X-XSS-Protection •X-Content-Type-Options •Content-Security-Policy •Strict-Transport-Security I already have the following wo...
irules
LTM
ltm policy
security
Paul_Madigan's avatar
Paul_Madigan
Icon for Nimbostratus rankNimbostratus
Mar 19, 2019

Question: We're running 13.1. What if we have an Existing Policy...is this something that can be added to the existing? (I didn't see where.) ....or would we create a second policy and apply (merge?) both policies? (If that is even possible.)

 

crodriguez's avatar
crodriguez
Ret. Employee
Mar 19, 2019

You can have multiple local traffic policies on a single virtual server. There's no need to worry about order (as is sometimes the case with multiple iRules) due to the way the policies are "compiled" by the policy engine. You may be able to add the new rules to an existing policy but that depends entirely on what the existing policy does. I tend to favor keeping functionality separate and distinct, but that's just me.