Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Config NGINX to F5

Satriaji
Cirrus
Cirrus

Hi everyone,

I have VS.

IMG-20221229-WA0024.jpg

NGINX require script to implement at F5 profile but i dont know where I must config at F5 configuration.

Here the NGINX requirement :

client_max_body_size 5000M;

client_body_buffer_size 5000M;

client_body_timeout 4024;

client_header_timeout 3024;

 

Where I must config that NGINX requirement to the VS in F5 ??? Using profile or irules ?? How to set up ? 

 

Thanks

 

 

 

1 ACCEPTED SOLUTION

buulam
Community Manager
Community Manager

Hi @Satriaji , there are no equivalent settings within Local Traffic Manager but rather they can be found in Application Security Manager or AWAF.

client_max_body_size  (awaf setting – file uploads max size)

client_body_buffer_size (awaf setting – advanced config -> System Variables -> request_buffer_size)

client_body_timeout and client_header_timeout (awaf setting - advanced config -> System Variables -> slow_transaction_timeout) Note: we can do idle timeouts with Fasthttp profiles but not standard http profiles.

These are our default profile timeouts. https://support.f5.com/csp/article/K7606  The standard http profile will make it so a (tcp) connection to the backend will not occur until it has a fully rfc compliant http request from the client so it does offer some native protection from slow http type attacks.

Good article on mitigating slow post if that’s a primary concern here. https://support.f5.com/csp/article/K42552578

~~~~~~~~~~~~~~~~~~
@buulam / YouTube.com/DevCentral

View solution in original post

3 REPLIES 3

Leslie_Hubertus
Community Manager
Community Manager

Hi @Satriaji - I think  that your post might not have gotten an answer because of the holiday lull in traffic. I've asked one of my teammates to take a look and see if they can help you out, and will also feature this in this week's Highlights article to get more eyes on it. 

buulam
Community Manager
Community Manager

Hi @Satriaji I'll look into this for you tomorrow

~~~~~~~~~~~~~~~~~~
@buulam / YouTube.com/DevCentral

buulam
Community Manager
Community Manager

Hi @Satriaji , there are no equivalent settings within Local Traffic Manager but rather they can be found in Application Security Manager or AWAF.

client_max_body_size  (awaf setting – file uploads max size)

client_body_buffer_size (awaf setting – advanced config -> System Variables -> request_buffer_size)

client_body_timeout and client_header_timeout (awaf setting - advanced config -> System Variables -> slow_transaction_timeout) Note: we can do idle timeouts with Fasthttp profiles but not standard http profiles.

These are our default profile timeouts. https://support.f5.com/csp/article/K7606  The standard http profile will make it so a (tcp) connection to the backend will not occur until it has a fully rfc compliant http request from the client so it does offer some native protection from slow http type attacks.

Good article on mitigating slow post if that’s a primary concern here. https://support.f5.com/csp/article/K42552578

~~~~~~~~~~~~~~~~~~
@buulam / YouTube.com/DevCentral