Forum Discussion

Nimbostratus

Sep 20, 2017

TLS/1.0, PCI, and a custom message for HTTP response status codes

By June 30, 2018 we would like to turn off TLS/1.0 on all our HTTPS websites, in order to be compliant with PCI requirements. Instead of just turning TLS/1.0 off, we would like to use that time bet...

Cumulonimbus

Jan 25, 2018

Here's a quick and easy one for this situation based on the responses above:

when HTTP_REQUEST {
    switch -exact [SSL::cipher version] {
        "TLSv1.2" {
             do nothing
        }
        "TLSv1.1" {
             do nothing
        } default {
            HTTP::respond 403 content {


Access Denied

    You are using a Web browser that is not secure for accessing confidential information. Please upgrade to the most recent version./font>


} "Content-Type" "text/html" Connection close
            TCP::close
            return
        }
    }
}

Forum Discussion

TLS/1.0, PCI, and a custom message for HTTP response status codes

Recent Discussions

What is the meaning is 52% block in WAF

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Portal Access to HTTPS resources slow

How to Implement 2 Way SSL in F5 LTM

Related Content

FIX Message Response

response message be processed by SSLO again?

Introduction of Incident Response

Disable TLS 1.0 and 1.1 protocol on VIPS, Only TLS 1.2 should be on.

How to change TLS version 1.0 settings to version 1.2 or 1.3 in F5 DDoS product