Query on Cookie

Question

Dear All,&nbsp;
Have a query regarding Cookie encryption.&nbsp;
One of my application requires cookie not to be encrypted, leaving my Virtual IP address exposed.&nbsp;
Is it possible to encrypt only the IP address part of the cookie and leave the rest RAW (UN-encrypted)&nbsp;
Need your guidance / suggestions on the same&nbsp;
Thank you&nbsp;

boneyard · Answer

in general with an iRule you can do what you want, for example taking parts of the cookie content and encrypting that, but leaving the rest. the built in functionality won't do this for you.&nbsp;
you could consider two cookies, one with what needs to be unencrypted and one with encryption.&nbsp;
also isn't your webserver behind the big-ip, why is encryption a problem then? it is encrypted between the client and big-ip, but unencrypted to the webserver.&nbsp;
can you show the content of the cookie? because the remark leaving the virtual ip address exposed doesn't make quite sense.&nbsp;

Forum Discussion

Query on Cookie

Recent Discussions

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

Cookie-based DDoS protection

2. SYN Cookie: Operation

1. SYN Cookie: Intro

Encrypting Cookies

8. SYN Cookie: Troubleshooting tcpdump

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS