Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Encrypt the name or rename the AVR cookies

Olowndez
Nimbostratus
Nimbostratus

‎29-Jan-2020 18:14

Hello folks:

 

I have some virtual servers which have the analytics profile enabled, so I am able to collect statistics of the traffic passing through such vs. However, after performing an Ethical Hacking procedure in my infrastructure, I was requested to rename the cookies that AVR uses such us: f5_cspm=; f5avrbbbbbbbbbbbbbbbb=; f5avrbbbbbbbbbbbbbbbb or encrypt their names. Such names are visible to attackers so I need them to be changed to some less F5-descriptive ones. Here https://devcentral.f5.com/s/question/0D51T00006i7k1N/how-to-rename-cspm-cookie-name there is only the process to rename the f5_cspm cookie. F5 says that the other cookies that start with f5avr cannot be renamed. How could achieve this requirement?

 

Thanks

 

Labels:
0 Kudos
2 REPLIES 2

Andrew-F5
F5 Employee
F5 Employee

‎31-Jan-2020 08:01

https://support.f5.com/csp/article/K14815

◘ You cannot modify a cookie name that is set by the AVR module.

◘ Beginning in BIG-IP 11.4.0, the cookie is also encrypted and should be considered safe by security scanning devices.

0 Kudos

Zev
Altostratus
Altostratus

‎03-Dec-2020 14:21

You can most definitely use similar logic as the article points out:

 

modify sys db avr.cookieprefix value "my new avr prefix"

 

It is not controlled by the AVR module.

0 Kudos
Copyright © 2023 Khoros, LLC