Forum Discussion
raghad5
Altostratus
Jan 26, 2025Session Cookie Does Not Contain the "Secure" Attribute
We attempted to resolve this vulnerability by enabling the secure attribute in cookies and also by implementing iRules. However, the vulnerability still identified in Qualys Scan.
could you please assist in resolving this vulnerability?
thanks in advance.
Hello raghad5
Did you tried the steps mentioned in the below KB?
Setting the secure attribute for BIG-IP persistence cookies
If you don't use cookie persistence profile, you need to configure the BIG-IP ASM to use secure and HttpOnly cookie flag.
BR
AswinYou are welcome š
Recent Discussions
Related Content
Ā
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects