Security Irules 101: Engage Cloak!

Introduction iRules are a powerful tool in the F5 administrators arsenal. They allow administrators to adapt and customize the F5 to their needs. They provide extensive power for securi...

Published Nov 15, 2014

Version 1.0

Nimbostratus

Joined November 08, 2011

View Profile

jwham20

Nimbostratus

Nov 26, 2012

There is also the HTTP::header sanitize command, which provides a built in method for the sanitization of headers.

https://devcentral.f5.com/wiki/irules.HTTP__header.ashx

These are all great examples of Positive Enforcement (whitelist models).

We could reverse this and create a general blanket Negative Security model, saying that no matter the application, we never want to see the server header leave our environment.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Security Irules 101: Engage Cloak!

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS