Disable HTTP Options Method on Management Interface F5

Question

Dear all,Our customer just ran a pentest on F5 Mgmt IP and found vulnerability HTTP Options Method enable. I only know how to disable this on VIP IP using HTTP profile/irule but couldnt find a way to disable this on Mgmt interface. Could anyone let me know how can I accomplish this. Many thanks!

jorge_a · Answer

https://support.f5.com/csp/article/K74566933

tuannguyen1712 · Answer

I'm looking for the solution!!!

samir · Answer

You can restrict management ip address(SSH n HTTPS) rather then disabling options method.

Thanks

Forum Discussion

Disable HTTP Options Method on Management Interface F5

3 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

google-visualization-issues

Related Content

management interface failover

Application Programming Interface (API) Authentication types simplified

Re: Management Certificate

NGINX Management Suite API Connectivity Manager - Modern API driven Applications

Using iControl REST API to manage F5 BIG-IP Advanced Firewall Manager (AFM)