Ignore certain cookies for ASM

Question

Hi All,&nbsp;
I am having a problem on our LTM/ASM (ver 11.5.1) box. We use cookie persistence configured on the virtual server. Lately we had to encrypt the persistence cookie for added security. The result is, sometimes the encryption causes the value of the cookie to be some weird characters. And our environment requires that all headers have to meet certain character standard.&nbsp;
My question, is there a way to ignore the persistence cookie (or cookie characters to be specific) on ASM? I know we can ignore the Attack Signatures for the cookie, but we need certain characters  to be blocked on Headers in general, but ignored in this particular cookie.&nbsp;
Appreciate any advice,&nbsp;
Thanks,&nbsp;
Kenny&nbsp;

tikka_nagi_1315 · Answer

You can accomplish the using Header-Based Content Profiles
https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-5-0/31.html&nbsp;
Under the "Header-Based Content Profiles", there are 3 options&nbsp;
Request Header Name ---&gt; Set a Cookie header.
Request Header Value ---&gt; Set a Cookie value.
Request Body Handling ---&gt; Set as "Do nothing"&nbsp;
This will have to be configured per-url.&nbsp;

kenny_aldrin · Answer

Thanks Tikka!&nbsp;
I've got the same answer from F5 support. Case closed&nbsp;

Forum Discussion

Ignore certain cookies for ASM

Recent Discussions

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

Inquiry About the "ast-api-discovery" Repository

Related Content

Cookie-based DDoS protection

2. SYN Cookie: Operation

1. SYN Cookie: Intro

Encrypting Cookies

8. SYN Cookie: Troubleshooting tcpdump

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS