Community Highlights, Week 7 '23
Tip of the week:
There's still space to register for Wednesday's GLOBAL live webinar: Easily View, Manage, and Scale Your App Security with F5 NGINX
If you're in the Montreal area on Thursday, be sure to check out the Montreal F5 User Group meeting on the 16th and say hi to my old teammate Tony_Marfil!
Content you may have missed:
ARTICLES
- DevCentral's Featured Member for February - Edouard Zorrilla by PSilva
- Using F5 Distributed Cloud AppStack & CE Site Survivability by Dave_Potter
- In search of a security incident response system for the masses, Part 2: A Minimal Deployment by Valentin_Tobi
- NGINX Management Suite API Connectivity Manager - Modern API driven Applications by momahdy
- F5 SIRT This Week In Security - Jan 30-Feb 3 - Quarterly Security Notification and Crypto Hacks by Jordan_Zebor
- Easily Protect Your Applications from DDoS with F5 Distributed Cloud DDoS Auto-Mitigation by Ted_Byerly
- Mitigation of OWASP API6: 2019 Mass Assignment vulnerability using F5 Distributed Cloud Platform by Shubham_Mishra
VIDEOS
- Implementing SSL Orchestrator with OPSWAT MetaDefender
- How F5 Distributed Cloud AppStack & CE Site Survivability Improves App Availability
- Easily Protect Your Applications from DDoS with F5 XC DDoS Auto-Mitigation
- 2023 Prediction: Multi-Factor Authentication will Become Ineffective
- What is eBPF? Brightboard Lesson
- ProxyNotShell Returns For The Holidays To Target Exchange Servers
- Using Distributed Cloud Private Connectivity Orchestration with AWS & Azure
- F5 Quarterly Security Notification: February 1, 2023
- Coding Live: F5 BIG-IP Packet Captures
- AWS On A Budget: Cost Cutting Tips and Tricks - DevCentral Connects - Ep112 - Feb 7, 2023
Forum post highlights:
- Amine_Kadimi and RadekR gave great advice to use iHealth to check for all known vulnerabilities with your specific version of BIG-IP
- Kai_Wilke and Paulius advised on how to remove weak ciphers in TLS 1.2 and 1.3 in prod
- Mayur_Sutare gave advice on how to disable weaker ciphers in TLS 1.2
- Mohamed_Salah_ gave thoughtful responses about understanding Connection Limit and Connection Rate Limit
- Ichnafi helped a fellow user out with their SSL profile client
New Accepted Solutions
- how to Change original source IP to random in ASM logs
- allowing requests through ASM w/a unique cookie of a particular value
- understanding and resolving unexpected behavior with Traffic Policy to Split Content Between IIS Server and Cloud Provider
asmith984 figured out their own issue with SAML IdP Initiated SSO Denied and Killing Existing Session established through OAuthdani_salvado
dani_salvado solved their own issue with an error while using the REST proxy on BIG-IQ
- laid out some factors that go into How to suppress the logon page for authenticated users for a period of time in APM
- gave direction to a user trying to create an access portal with redirect URL
Enes_Afsin_Al showed how to figure out the actual timeframe for the LTM Virtual statistics records
- told us about the risk of problems if there is no firewall
- pointed out a fix to Big-IP virtual edition not loading configuration
- Pointed a user to an article about writing an iRule for HTTP compression profile
- isolating Application Releases within BIG-IP
- iRule Shenanigans fix
Nikoolayy1 helped someone with how to get AFM to log firewall rules
Mohamed_Salah_ helped a user with checking the host header
malcooooIm helped AboAmir with a question about BIG-IP 5200 traffic flow
xuwen gave a helping hand with behavior of SSL::disable serverside
Notable solutions:
- Mohamed_Ahmed_Kansoh wrote up Stable point of Configuration "Rescue Point"
- SiCoffey shared GSLB Split DNS by iRule
Unanswered questions:
- Michaelyang would like to understand behaviour with two devices in HA status
- Ichnafi needs help building an ansible playbook to modify vCMP-Guest
- Hooni_L is having an issue with XC - Obelix table syncer list operation failed
- ChrisThuys is having an difficulty with securing an API with a JSON OPENAPI file
Weekly community stats (excluding F5 employees):
Most kudoed authors
Gave the most kudos:
Top kudoed posts:
- Kai_Wilke's reply to Making SNMP queries in iRules
- Sebastiansierra 's reply to Modern APM Message Box
- dani_salvado 's follow-up to their Use the REST proxy on the BIG-IQ system ERROR post
F5er stats:
Most kudoed:
Gave the most kudos:
Top kudoed posts:
- F5 SIRT This Week In Security - Jan 30-Feb 3 - Quarterly Security Notification and Crypto Hacks by Jordan_Zebor
- NGINX Management Suite API Connectivity Manager - Modern API driven Applications by momahdy
- Mitigation of OWASP API6: 2019 Mass Assignment vulnerability using F5 Distributed Cloud Platform by Shubham_Mishra
Published Feb 14, 2023
Version 1.0
Whew! Long one this week. Last week we added a few stats for F5ers, and this week is the first time I've tried highlighting all the new Accepted Solutions for the week. Is this helpful to you? Let me know!
