Forum Discussion

Nimbostratus

Dec 12, 2018

ASM TS challenge and caching

F5 ASM 13.1.0 is placed behind a CDN. TSPD challanges injected in the web page is cached in the CDN, diable the cache option is not possible on the CDN, the assupmtion here is that the tspd toke...

ASM Advanced WAF

security

samstep

Cirrocumulus

Jan 20, 2019

Only the static content (images/stylesheets/fonts/js/PDF files) should be placed behind CDN. The best practice is to put all static content onto a separate subdomain such a static.example.com or media.example.com

F5 ASM is a security device to protect the Dynamic contact (login pages, portals, applications,etc).

In case if the static contact is the part of the same application (e.g. /static subfolder) you can use the local traffic policy to disable ASM on that static content path. You can also disable the caching of dynamic pages by injecting 'Cache-Control: no-cache' HTTP header if the application you are trying to protect with F5 ASM is not doing it for some reason

Forum Discussion

ASM TS challenge and caching

Recent Discussions

HIRE ADRIAN LAMO HACKER TO RECLAIM LOST CRYPTOCURRENCY

rSeries and tenant upgrades

redirect not working

cat and grep command for rst messages

iRule resulting in too many redirects

Related Content

Distributed caching of authentication requests with NGINX Ingress Controller

End of Year 2022 security challenges and new year wishes

Journey to the Multi-Cloud Challenges

Google reCAPTCHA Challenge iRule

3. SYN Cookie: SYN Cache