For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Mango_LearnToUserF5's avatar
Mango_LearnToUserF5
Icon for Nimbostratus rankNimbostratus
Mar 13, 2024

Irule Check payload contains

Hi Everyone,   i have a request payload like this: POST /webconsole/api/security/auth/login HTTP/1.1 Host:  Connection: keep-alive Content-Length: 58 sec-ch-ua: "Chromium";v="122", "Not(A:Bra...
irule
security
Mango_LearnToUserF5's avatar
Mango_LearnToUserF5
Icon for Nimbostratus rankNimbostratus
Mar 18, 2024

Hi OCD_JAX,

 

I found the problem, my i-rule is correct. The problem is about cookies and caching data on my browser, I guess. Because with the same rules, if i logined with incognito mode or a new browser, then i got block. But if i used the old browser that i used to logon success, the i-rule won't be triggered. When i clear all history data on the old browser, then it also got blocked.

 

But i don't know how to check what exactly on the old browser prevent i-rule to work and can i somehow improve the i-rule to stop this situation when user got the caching data and cookie?

 

Thank you for the idea on fake response, it is interesting.