cancel
Showing results for 
Search instead for 
Did you mean: 

Encrypt the name or rename the AVR cookies

Olowndez
Nimbostratus
Nimbostratus

Hello folks:

 

I have some virtual servers which have the analytics profile enabled, so I am able to collect statistics of the traffic passing through such vs. However, after performing an Ethical Hacking procedure in my infrastructure, I was requested to rename the cookies that AVR uses such us: f5_cspm=; f5avrbbbbbbbbbbbbbbbb=; f5avrbbbbbbbbbbbbbbbb or encrypt their names. Such names are visible to attackers so I need them to be changed to some less F5-descriptive ones. Here https://devcentral.f5.com/s/question/0D51T00006i7k1N/how-to-rename-cspm-cookie-name there is only the process to rename the f5_cspm cookie. F5 says that the other cookies that start with f5avr cannot be renamed. How could achieve this requirement?

 

Thanks

 

2 REPLIES 2

Andrew-F5
F5 Employee
F5 Employee

https://support.f5.com/csp/article/K14815

◘ You cannot modify a cookie name that is set by the AVR module.

◘ Beginning in BIG-IP 11.4.0, the cookie is also encrypted and should be considered safe by security scanning devices.

Zev
Altostratus
Altostratus

You can most definitely use similar logic as the article points out:

 

modify sys db avr.cookieprefix value "my new avr prefix"

 

It is not controlled by the AVR module.