Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Config NGINX to F5

Go to solution
Satriaji
Cirrus
Cirrus

‎29-Dec-2022 06:03

Hi everyone,

I have VS.

IMG-20221229-WA0024.jpg

NGINX require script to implement at F5 profile but i dont know where I must config at F5 configuration.

Here the NGINX requirement :

client_max_body_size 5000M;

client_body_buffer_size 5000M;

client_body_timeout 4024;

client_header_timeout 3024;

 

Where I must config that NGINX requirement to the VS in F5 ??? Using profile or irules ?? How to set up ? 

 

Thanks

 

 

 

1 ACCEPTED SOLUTION

Go to solution
buulam
Community Manager
Community Manager
In response to buulam

‎11-Jan-2023 14:36

Hi @Satriaji , there are no equivalent settings within Local Traffic Manager but rather they can be found in Application Security Manager or AWAF.

client_max_body_size  (awaf setting – file uploads max size)

client_body_buffer_size (awaf setting – advanced config -> System Variables -> request_buffer_size)

client_body_timeout and client_header_timeout (awaf setting - advanced config -> System Variables -> slow_transaction_timeout) Note: we can do idle timeouts with Fasthttp profiles but not standard http profiles.

These are our default profile timeouts. https://support.f5.com/csp/article/K7606  The standard http profile will make it so a (tcp) connection to the backend will not occur until it has a fully rfc compliant http request from the client so it does offer some native protection from slow http type attacks.

Good article on mitigating slow post if that’s a primary concern here. https://support.f5.com/csp/article/K42552578

~~~~~~~~~~~~~~~~~~
@buulam / YouTube.com/DevCentral

View solution in original post

3 REPLIES 3

Go to solution
Leslie_Hubertus
Community Manager
Community Manager

‎04-Jan-2023 18:05

Hi @Satriaji - I think  that your post might not have gotten an answer because of the holiday lull in traffic. I've asked one of my teammates to take a look and see if they can help you out, and will also feature this in this week's Highlights article to get more eyes on it. 

0 Kudos

Go to solution
buulam
Community Manager
Community Manager

‎10-Jan-2023 18:09

Hi @Satriaji I'll look into this for you tomorrow

~~~~~~~~~~~~~~~~~~
@buulam / YouTube.com/DevCentral

Go to solution
buulam
Community Manager
Community Manager
In response to buulam

‎11-Jan-2023 14:36

Hi @Satriaji , there are no equivalent settings within Local Traffic Manager but rather they can be found in Application Security Manager or AWAF.

client_max_body_size  (awaf setting – file uploads max size)

client_body_buffer_size (awaf setting – advanced config -> System Variables -> request_buffer_size)

client_body_timeout and client_header_timeout (awaf setting - advanced config -> System Variables -> slow_transaction_timeout) Note: we can do idle timeouts with Fasthttp profiles but not standard http profiles.

These are our default profile timeouts. https://support.f5.com/csp/article/K7606  The standard http profile will make it so a (tcp) connection to the backend will not occur until it has a fully rfc compliant http request from the client so it does offer some native protection from slow http type attacks.

Good article on mitigating slow post if that’s a primary concern here. https://support.f5.com/csp/article/K42552578

~~~~~~~~~~~~~~~~~~
@buulam / YouTube.com/DevCentral
Copyright © 2023 Khoros, LLC