Forum Discussion
D_T
Cirrus
CirrusRemoval of Client Side F5 Persistence Pool Cookie
I am seeing the F5 persistence pool cookies showing on the client side browser when viewing via inspection tools:
BIGipServer~application~po*
I would like to remove these so the pools are not exposed to viewers of the website. I assigned the following rule to the VIP but it does not appear to be clearing these out:
when HTTP_RESPONSE_RELEASE {
set cookies [HTTP::cookie names]
foreach aCookie $cookies {
if {$aCookie matches_regex {^BIGipServer(?:[0-9a-fA-F]{6,8})(?:$|_[0-9]+$)}} {
# Remove ASM Cookies
HTTP::cookie remove $aCookie
}
}
}
This is exactly how Cookie Persistence method works and if you remove the cookie you break the functionality. There are alternative cookie persistence methods you might consider. Check them below:
Overview of cookie persistence (f5.com)
In addition to it, I recommend you to enable encryption on your current cookie persistence method. This will prevent malicious users to revert the value of the cookie into IP address of your pool member.
- Ismael_Goncalves
Employee
This is exactly how Cookie Persistence method works and if you remove the cookie you break the functionality. There are alternative cookie persistence methods you might consider. Check them below:
Overview of cookie persistence (f5.com)
In addition to it, I recommend you to enable encryption on your current cookie persistence method. This will prevent malicious users to revert the value of the cookie into IP address of your pool member.