Forum Discussion

Olowndez
Jan 30, 2020

Encrypt the name or rename the AVR cookies

Hello folks:

I have some virtual servers which have the analytics profile enabled, so I am able to collect statistics of the traffic passing through such vs. However, after performing an Ethical Hacking procedure in my infrastructure, I was requested to rename the cookies that AVR uses, such as: f5_cspm=; f5avrbbbbbbbbbbbbbbbb=; f5avrbbbbbbbbbbbbbbbb, or encrypt their names. Such names are visible to attackers, so I need them to be changed to some less F5-descriptive ones. Here https://devcentral.f5.com/s/question/0D51T00006i7k1N/how-to-rename-cspm-cookie-name there is only the process to rename the f5_cspm cookie. F5 says that the other cookies that start with f5avr cannot be renamed. How could I achieve this requirement?

Thanks

2 Replies

  • https://support.f5.com/csp/article/K14815

    ◘ You cannot modify a cookie name that is set by the AVR module.

    ◘ Beginning in BIG-IP 11.4.0, the cookie is also encrypted and should be considered safe by security scanning devices.

  • Zev

    You can most definitely use similar logic as the article points out:

    modify sys db avr.cookieprefix value "my new avr prefix"

    It is not controlled by the AVR module.