Forum Discussion

Nimbostratus

Nov 10, 2008

Modified Domain Cookie blocking

We have recently installed a pair of F56400s (v9.4.3) in front of our website with ASM in blocking mode. Despite the fact that our Website only utilises a handful of cookies (all confi...

app sec

BIG-IP Access Policy Manager (APM)

security

hooleylist

Cirrostratus

Jul 24, 2009

alfian, the iRule should work fine. Though if you're on 9.4.2 or higher, you can configure a wildcard of BCSI-* in the allowed modified domain cookie setting.

Allyn, the TS cookies are what ASM uses to track the web app's cookies and other dynamic settings. You should ideally leave the TS cookies as they're used by ASM for validation. If you don't want to track any cookies, you can just disable the modified domain cookie violation in the blocking mask of the policy.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Modified Domain Cookie blocking

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

domain blocking

modified domain cookies

Enriching AFM with public domain Threat Intelligence

iRule to modify a content-security-policy header

Blocking domains

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS