For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

sandy16's avatar
sandy16
Icon for Altostratus rankAltostratus
Jun 20, 2016

illegal cookie length: ASM violation

HI ASM experts, I am seeing traffic getting blocked due to the "Illegal cookie length violation" . System configured: 8192 bytes, received 8452. I am running 11.5.1 HF7. I tried to increase the cook...
ASM Advanced WAF
security
Yann_Desmarest_'s avatar
Yann_Desmarest_
Icon for Nacreous rankNacreous
Jun 20, 2016

Hi,

 

8192 bytes is the default length, not the max allowed in general.

 

I will try it on my lab and give you a feedback

 

Yann_Desmarest_'s avatar
Yann_Desmarest_
Icon for Nacreous rankNacreous
Jun 20, 2016
In fact, that's true. 8192 bytes is the maximum length you can define for header and cookies. This is a limit that include name+value. You can change this setting by Any if you have headers that exceed this max length