Forum Discussion

Nimbostratus

Nov 10, 2008

Modified Domain Cookie blocking

We have recently installed a pair of F56400s (v9.4.3) in front of our website with ASM in blocking mode. Despite the fact that our Website only utilises a handful of cookies (all confi...

app sec

BIG-IP Access Policy Manager (APM)

security

hoolio

Cirrostratus

Apr 29, 2009

A good proxy wouldn't leave its cookies in requests it sends out as it opens itself up to session hijacking. In 9.4.2+, you can ignore the cookies which start with BCSI using the modified domain cookies setting. The field accepts wildcards, so you can configure BCSI-*. Also, you could use an iRule to remove these cookies from requests. This would not affect the proxy functionality and it would be a secure option. Your web app should ignore these cookies. And it definitely should not set any BCSI- cookies in its response.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Modified Domain Cookie blocking

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

Unable to download files greater than 4GB. Running version 15.1.5.1

F5 Distributed Cloud Services Simulator Connect

Entra ID F5 APM MDM Intune integration compliance check

Replacing i2800 pair with new F5-BIG-AFM-r2800

Efficient Method to Compare F5 Configurations

Related Content

domain blocking

modified domain cookies

Massive DDoS, DanaBot Dismantled, Scraped Discord Messages and Signal Blocks Windows Recall

Blocking domains

iRule to modify a content-security-policy header

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS