Modified Domain Cookie blocking

Question

We have recently installed a pair of F56400s (v9.4.3) in front of our website with ASM in blocking mode.  
&nbsp;  
&nbsp; Despite the fact that our Website only utilises a handful of cookies (all configured within the ASM) we are seeing and blocking loads of Modified Domain Cookie violations.  
&nbsp;  
&nbsp; It would appear that when users are visitng our website their browsers are trying to present cookies that are nothing to do with our domain whatsoever which the F5 is blocking because it, quite rightly, does not recognise the cookie as being from the application.  This action, however, is blocking the users from our site 
&nbsp;  
&nbsp; Modified Cookie Violation is another standard ASM policy feature which we have not altered so, to my way of thinking, anyone with an F5 will be experiencing the same kind of problem. 
&nbsp;  
&nbsp; Does anyone have the same issue?  Does anyone know why we are seeing this behaviour i.e. browsers trying to give us cookies we don't want.  
&nbsp;  
&nbsp; Any feedback/advice would be gratefully received

hoolio · Answer

(Click here) 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Modified Domain Cookie blocking

Recent Discussions

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

Inquiry About the "ast-api-discovery" Repository

SNI Sites not taking correct certificate.

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

Related Content

domain blocking

modified domain cookies

Blocking domains

iRule to modify a content-security-policy header

Enriching AFM with public domain Threat Intelligence

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS