Forum Discussion

Nimbostratus

Nov 21, 2018

Serving Port 80 and 443 for a web application

We have a web server which has historically only run on port 443. In order to use ACME for automated cert issuance, I have to allow port 80 through to the web server. I've configured the web server...

BIG-IP Access Policy Manager (APM)

devops

Kevin_Stewart

Employee

Nov 29, 2018

There's a Secure setting in the Cookie Options of the APM profile - SSO/Auth Domains tab. This option, when enabled (by default) instructs the browser to only use the APM session cookie over HTTPS connections.

I might caution that if a single access session is to be used across 80 and 443 connections, there's a risk of compromising the HTTPS session if the cookie is stolen. It may be better to isolate the 80 and 443 traffic into separate policies.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Serving Port 80 and 443 for a web application

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Checking for X-Forwarded-For against an Address Data-Group

SSL Bridging and FQDN rewrite Policy

Cisco TACACS+ Config on ISE LTM Pair

iRule causing requests to be duplicated (sometimes)

Related Content

Introducing the F5 Application Study Tool (AST)

Free Passes to AppWorld 2025 – First Come, First Served!

iRule to serve security.txt file - RFC 9116

System Prerequisites for Deploying the Application Study Tool

Serving or browsing iFiles

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS