ASM : disabling attack signatures on a specific cookie

Question

Hello,&nbsp;
&nbsp;I would like to disable some attack signatures on a specific server generated cookie on a LTM/ASM v10.2.4. This is pretty straightforward to do this for a parameter but it does not seem possible to configure ASM to do this for a specific cookie. The only workaround seems to disable globally the signature for all headers which is not a satifsying solution.&nbsp;
&nbsp;Is there anything I missed in the ASM configuration ? &nbsp;
&nbsp;Kind regards,
&nbsp;Romain&nbsp;

hooleylist · Answer

Hi Romain, 
&nbsp;  
&nbsp; In 11.x you can enforce specific cookies. You can disable an attack signature on a per-header name=value basis using Header-Based Content Profiles that are configured on a URL.  In v10, I think you're stuck disabling the signature on all headers. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

ASM : disabling attack signatures on a specific cookie

1 Reply

Recent Discussions

F5 Rseries HA

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Related Content

Disabling Specific Weak Cipher Suites

ASM irule to disable attack signature authorization header with specific value

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

How to disable only TLS v1 & TLS v1.1 on specific virtual server

Disabling Weak Ciphers