For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

20 Lines or Less: Security Headers and DNS

What could you do with your code in 20 Lines or Less? That's the question we like to ask from, for, and of (feel free to insert your favorite preposition here) the DevCentral community, and every ...
Published Mar 14, 2016
Version 1.0
application delivery
iRules
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
Simon_Waters_13's avatar
Simon_Waters_13
Icon for Cirrostratus rankCirrostratus
Mar 15, 2016
Scott provides report-uri.io which allows reporting for CSP and HPKP violations, which could be added with only a couple of extra lines. https://report-uri.io/ Alas my no-sniff rule is rather more complex thanks to Jive software. As is every CSP I've ever done that is useful. I'm doing something similar for Wordpress, but have different ages for HSTS and HPKP which I think makes sense as HPKP may well want to be shorter than HSTS, and well the less said about trying to apply CSP to WordPress sensibly the better.