Forum Discussion

Nimbostratus

Jul 08, 2022

irule to replace Realm value for http response header WWW-Authenticate: Basic realm="IP address"

To mitigate against internal IP address disclosure in Basic Authentication Header, i'd like to change the IP address to some other value. I tried changing "Basic Auth Realm" in http profile but it o...

MVP

Hi alchancco,

Can you change the http event and try?

when HTTP_RESPONSE_RELEASE {
	if { [HTTP::header WWW-Authenticate] starts_with "Basic" }{
		HTTP::header replace WWW-Authenticate "Basic realm='mydomain.com'"
	}
}

alchancco

Nimbostratus

Jul 21, 2022

HI Enes_Afsin_AI,

I made the change but as before it only changes the header value sporadically.

- alfredo

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

irule to replace Realm value for http response header WWW-Authenticate: Basic realm="IP address"

Recent Discussions

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

dynamic signature detection

DNS HM Probe issue

F5 looses the token for the first call

Related Content

"Content Switching" to non-addressable virtual server

"Port lockdown" option for SNAT pool addresses?

Check Authorization / WWW-Authenticate headers

Rewrite header "WWW-Authenticate: Basic realm="

APM SSO and SAP error no supported WWW-Authenticate header is found

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS