Forum Discussion

Cirrostratus

Jul 26, 2020

violations

In our adc security policy events, one of the website always gets blocked for some of its contents on the page. logs point to few violations including modified domain cookie which has a cookie name ...

Employee

Jul 30, 2020

If "Modified domain cookie(s)" violation is detected, then this means that this cookie (or wildcard, which matches this cookie) is defined as enforced on "Security ›› Application Security : Headers : Cookies List" page.

"Enforced" means that cookie can not be modified by user and in case of any modification "Modified domain cookie(s)" violation must be detected.

"Enforced" need to be used for cookies (like session ID), which are set by application via "Set-Cookie" header and can not be modified by user.

If in your case you expect, that cookie can be modified, then you need to change it's type to "Allow".

Thanks, Ivan

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

violations

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

Separating False Positives from Legitimate Violations

AWAF - Do not log Geolocation violations from the Event Log

No Learning Suggestions But could see Violations in the event logs

F5 ASM | count violation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS