For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

sandy16's avatar
sandy16
Icon for Altostratus rankAltostratus
Jun 20, 2016

illegal cookie length: ASM violation

HI ASM experts, I am seeing traffic getting blocked due to the "Illegal cookie length violation" . System configured: 8192 bytes, received 8452. I am running 11.5.1 HF7. I tried to increase the cook...
ASM Advanced WAF
security
Hannes_Rapp's avatar
Hannes_Rapp
Icon for Nimbostratus rankNimbostratus
Jun 20, 2016

8192 Is indeed the maximum and I think you only have 2 workarounds - disable the violation, or write a custom iRule. Disabling the violation itself would probably make the most sense here.

Go to policy blocking settings, and un-tick the 'learn/alarm/block' boxes under 

Illegal cookie length
violation. Save and apply changes.

MSZ's avatar
MSZ
Icon for Nimbostratus rankNimbostratus
Jul 23, 2017

when I created the ASM policy longtime back I didn't notice the value of Max. cookie header length (It comes on Policy properties page). As per documentation it is any by default. But in my case I am able to see the value like 2048. I want to know how this value comes and where ?