Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

BIG-IP 17.0 ASM Cookie based allow requests

f5gurunot
Cirrus
Cirrus

Is it possible to allow requests through the ASM if the client sending the request has a unique cookie with a particular value?  I want to whitelist these requests based on this cookie.  If this is possible would someone please share with me how this is accomplished?

1 ACCEPTED SOLUTION

You can do using a local traffic policy:

  1. Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
  2. Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
  3. Reorder the rules so this rule takes precedence over the default rule.
  4. Save and publish the policy
  5. From your VS, remove the ASM auto policy and assign your new policy.

Amine_Kadimi_0-1675945911541.png

Amine_Kadimi_1-1675945957376.png

 

 

View solution in original post

1 REPLY 1

You can do using a local traffic policy:

  1. Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
  2. Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
  3. Reorder the rules so this rule takes precedence over the default rule.
  4. Save and publish the policy
  5. From your VS, remove the ASM auto policy and assign your new policy.

Amine_Kadimi_0-1675945911541.png

Amine_Kadimi_1-1675945957376.png