For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Oct 26, 2022

Modified domain cookie

Receive some blocked event about "modified domain cookie". After some research , a cookie "TSxxxxxxxx" is generated by F5 ASM and it used to hash the enforce cookie. When user got blocked, I found ...

Icon for Nimbostratus rank

Nimbostratus

Oct 26, 2022

The user is not internal.

"This is a tricky one as maybe the user is comming from a jump host or there is a proxy device before the F5 that does something" <-- You mean the proxy device will modify or delete the cookie?

All the links you posts i have already read before I post this question in this forum.

Icon for MVP rank

MVP

Oct 26, 2022

I admit that are all my suggestions as if the F5 is sending the cookie what happens on the client device, I can't tell 🙂

My final suggestion could be to also use One Connect profile as it helps with cookies and upstream proxy devices but outside of that I am out of ideas.

https://support.f5.com/csp/article/K7964

Security Best Practices for F5 Products

Technical Articles

F5 AppWorld 2026 Registration - early bird pricing.

DevCentral News

Kostas Injeyan - October 2025 Featured Member

DevCentral News

featured member

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5