For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Bob_10976's avatar
Bob_10976
Icon for Nimbostratus rankNimbostratus
Jan 03, 2011

iRule to secure All Cookies...

I would like to setup an iRule that secures all cookies that are traverse a specific VIP. I created the below iRule, and assigned it to the only secure VIP we have but it doesn't seem to be working a...
application delivery
dev
devops
iRules
Chris_Miller's avatar
Chris_Miller
Icon for Altostratus rankAltostratus
Jan 04, 2011
when HTTP_RESPONSE {
if { [HTTP::cookie exists "ASP.net_SessionID"] } {
HTTP::cookie secure "ASP.net_SessionID" enable 
} 
if { [HTTP::cookie exists ".ADAuthCookie"] } {
HTTP::cookie secure ".ADAuthCookie" enable }
}

The rule does compile so that's a start. See if the functionality works and if it does, I'll clean it up so it's as efficient/pretty as possible. This is simply enables the secure flag on cookies sent from pool members with the two names you mentioned.