BIG-IP 17.0 ASM Cookie based allow requests

f5gurunot · ‎08-Feb-2023

Is it possible to allow requests through the ASM if the client sending the request has a unique cookie with a particular value? I want to whitelist these requests based on this cookie. If this is possible would someone please share with me how this is accomplished?

Amine_Kadimi · ‎09-Feb-2023

You can do using a local traffic policy:

Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
Reorder the rules so this rule takes precedence over the default rule.
Save and publish the policy
From your VS, remove the ASM auto policy and assign your new policy.

View solution in original post

Amine_Kadimi · ‎09-Feb-2023

You can do using a local traffic policy:

Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
Reorder the rules so this rule takes precedence over the default rule.
Save and publish the policy
From your VS, remove the ASM auto policy and assign your new policy.

DevCentral

BIG-IP 17.0 ASM Cookie based allow requests

Register For AppWorld 2024

F5 Receives Six Trust Radius
Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

DevCentral

BIG-IP 17.0 ASM Cookie based allow requests

Register For AppWorld 2024

F5 Receives Six Trust Radius Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

F5 Receives Six Trust Radius
Best of 2023 Awards