AWS Health Checker Sessions in APM

Question

Good Morning,&nbsp;
What's the best way to clean or control sessions created by an External Health Check to my Virtuals protected by APM?&nbsp;
session.user.agent = ELB-HealthChecker&nbsp;
I was thinking an Empty Box Variable check and send directly to Deny, but I'm sure there's a more effecient method.&nbsp;
thanks!&nbsp;

august_winterst · Answer

In my testing of an AWS Network LB (TCP port 443 check) and Application LB (HTTPS request to the APM VS), the Network LB Health check did not leave any hung sessions in APM. For the Application LB, it should be configured to check '/my.logout.php3' instead of just '/'. Reasons:

going to the default of '/' results in a 302 for '/my.policy' and gives you a cookie. 302 isn't a valid response code by default in AWS and it opens a session in APM
going to '/my.policy' with the AWS health check results in a 302 for '/my.logout.php3' since the request doesn't contain a cookie that would have been provided when going to '/' and getting the 302 for '/my.policy'
going to '/my.logout.php3' does not require a cookie and results in a 200

Forum Discussion

AWS Health Checker Sessions in APM

1 Reply

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

CVE-2021 Checker iApp

Health monitor question

F5 Distributed Cloud - Regional Edge Health Monitoring Insights

iRule based RADIUS Health Monitor Builder

GTM health Monitoring and Probe