irule to replace Realm value for http response header WWW-Authenticate: Basic realm="IP address"

Question

To mitigate against internal IP address disclosure in Basic Authentication Header, i'd like to change the IP address to some other value.

I tried changing "Basic Auth Realm" in http profile but it only works for some testing tools like wfetch but not for curl.

I also tried the following irule but it also works sometimes:

when HTTP_RESPONSE {

if { [HTTP::header "WWW-Authenticate"] starts_with "Basic" }{
HTTP::header replace WWW-Authenticate "Basic realm='mydomain.com'"
}
}

enes_afsin_al · Answer

Hi alchancco,
Can you change the http event and try?
when HTTP_RESPONSE_RELEASE {
	if { [HTTP::header WWW-Authenticate] starts_with "Basic" }{
		HTTP::header replace WWW-Authenticate "Basic realm='mydomain.com'"
	}
}
&nbsp;

alchancco · Answer

HI Enes_Afsin_AI,I made the change&nbsp; but as before it only changes the header value&nbsp; sporadically.- alfredo

Forum Discussion

irule to replace Realm value for http response header WWW-Authenticate: Basic realm="IP address"

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

"Content Switching" to non-addressable virtual server

"Port lockdown" option for SNAT pool addresses?

Check Authorization / WWW-Authenticate headers

Rewrite header "WWW-Authenticate: Basic realm="

APM SSO and SAP error no supported WWW-Authenticate header is found

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS