14-Jul-2022 07:08 - edited 14-Jul-2022 07:08
Was trying to obfuscate by changing the cookie name in the persistence cookie profile, but I'm still seeing instances of Learning suggestions in ASM (WAF) for the default cookie name BIGipServer<pool_name>
I've confirmed the persistence profile did save the changes, and is in use on the Virtual Server. Checking the cookie names in use on a browser shows the correct (updated) cookie name.
Is this a bug perhaps? I'm on 14.1.5.0.0.7
Thanks!
15-Jul-2022 00:41
The change you made in the cookie insert profile applies to new connections only.
If there are current KeepAlive connections of clients (i.e. a typical webbrowser keeps connections open, even if having the site open in a tab or a different window).
There might be users which got the default cookie and simply did not close their browsers completely. They will keep sending the (unwanted) cookie until the browser is completely closed and this session cookie will be discarded.
15-Jul-2022 07:29
Thanks, I thought the same thing, but it has been several weeks since I updated all the cookie persistence profiles. You gave me an idea though; I'm going to try modifying the cookie and setting the expiration to a set duration as opposed to session, and see if that clears it up.
15-Jul-2022 02:16
Have you tried:
https://support.f5.com/csp/article/K95345460?
15-Jul-2022 07:31
Yep, and the ASM learning suggestions are seeing the default BIGIP cookie still and suggesting I add it that way, when in theory? the default cookie shouldn't be in use. I'm going to try setting an expiration timer on the cookie as opposed to session, and see if that clears any old cookies users may still have (I'm thinking even after several weeks.. users may not have closed their browsers)