Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Oct 26, 2022

Modified domain cookie

Receive some blocked event about "modified domain cookie". After some research , a cookie "TSxxxxxxxx" is generated by F5 ASM and it used to hash the enforce cookie. When user got blocked, I found ...

Icon for Nimbostratus rank

Nimbostratus

The user is not internal.

"This is a tricky one as maybe the user is comming from a jump host or there is a proxy device before the F5 that does something" <-- You mean the proxy device will modify or delete the cookie?

All the links you posts i have already read before I post this question in this forum.

Icon for MVP rank

MVP

Oct 26, 2022

I admit that are all my suggestions as if the F5 is sending the cookie what happens on the client device, I can't tell 🙂

My final suggestion could be to also use One Connect profile as it helps with cookies and upstream proxy devices but outside of that I am out of ideas.

https://support.f5.com/csp/article/K7964

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming