cancel
Showing results for 
Search instead for 
Did you mean: 

Disable HTTP Options Method on Management Interface F5

tuannguyen1712
Altocumulus
Altocumulus

Dear all,

Our customer just ran a pentest on F5 Mgmt IP and found vulnerability HTTP Options Method enable. I only know how to disable this on VIP IP using HTTP profile/irule but couldnt find a way to disable this on Mgmt interface. Could anyone let me know how can I accomplish this. Many thanks!

3 REPLIES 3

tuannguyen1712
Altocumulus
Altocumulus

I'm looking for the solution!!!

Samir
Nacreous
Nacreous

You can restrict management ip address(SSH n HTTPS) rather then disabling options method.

 

  1. SSH https://support.f5.com/csp/article/K5380 
  2. HTTPS https://support.f5.com/csp/article/K13309

Thanks​

Jorge_A
Nimbostratus
Nimbostratus