Forum Discussion
ChrisMaKi_15830
Mar 06, 2013Nimbostratus
hundreds of modified asm cookie violations after software upgrade
We've upgraded our BigIP from 9.4.3 to 11.1.0 Build 2268.0 Hotfix HF5. This is the latest software version which is supported by our appliance.
Since that time the number of modified asm cookie violations raised extremely. Every week we have hundreds of new violations. Before the upgrade, we had less than 10 asm cookie violations in a week.
Most of these requests are from the googlebot. e. g.
From: googlebot(at)googlebot.com
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
X-Forwarded-For: 66.249.78.89
But there are a lot of other requests which look like valid requests being sent from a web browser.
I don't think that this is an attack against our website, because those violations occured right after our BigIP software upgrade. So I assume this is a problem with the new software version. However I don't want to disable the modified asm cookie violation. Is this a known problem and can it be solved?
I'd be glad about help. Thanks in advance.
5 Replies
Sort By
- Chris,
- Nathan, thanks for pointing this out.
- Are all your devices upgrades to 11.1 or do you still have some running 9.x code?
- If so how do you have your ASM configured, are they standalone or setup in an active standby configuration?
Just to confirm that you're not alone with this issue. I also have this problem since upgrading from 10.2.4 to v11 some time ago, so there is no session based cookies remaining, certainly not in the quantity that I'm seeing this violation occur in.
My LTM/ASM is configured in a Active/Standby HA pair.
Hopefully we will be able to resolve this issue soon.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects