For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

CodeShare Refresh: HTTP Session Limit

The iRules CodeShare on DevCentral is an amazingly powerful, diverse collection of iRules that perform a myriad of tasks ranging from credit card scrubbing to form based authentication to, as in toda...

Published Dec 27, 2011

Version 1.0

Historic F5 Account

Joined May 12, 2005

View Profile

Colin_Walker_12

Historic F5 Account

Joined May 12, 2005

View Profile

hoolio

Cirrostratus

Dec 27, 2011

It would make sense to force closure of the TCP connection when redirecting a client to a blocking page if you're only checking the first HTTP request on each TCP connection. As it is, a client could ignore the redirect and continue making more HTTP requests on the same TCP connection to bypass the iRule logic.

At some point it would make sense (for someone :) to add validation of each HTTP request on the connection to handle different clients who might be connecting from behind the same proxy.

Aaron

CodeShare Refresh: HTTP Session Limit

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS