SoL7616: ASM Static Content Bypss

Hi there,

 

 

A more secure method for handling static content would be to use RAM caching with ASM. The advantage is that every request and response which goes to the app is validated by ASM, and subsequent requests for the static file types are answered from cache. This requires RAM cache to be licensed. The implementation is described in SOL8216/SOL7056 on AskF5.

 

 

If that's not an option, then bypassing ASM for static file types is a good alternative. You don't need to specify a pool at all for the rule. It's in the example for people who have separate servers to host the static content. You could either set it to the same pool as is configured on the VIP, or you could remove the 'set ::static_content_pool "SET_STATIC_POOL_NAME_HERE"' and 'pool $::static_content_pool' lines.

 

 

The host variable should be set to the HTTP host for your application. If the URL is https://test.mysite.example.com/login.jsp, the host variable should be set to test.mysite.example.com.

 

 

I'm curious to see if the example works verbatim. It looks like there might be some formatting issues in the solution example. If you run into problems using the rule, reply here for help.

 

 

Aaron