Forum Discussion

f5gurunot's avatar
f5gurunot
Icon for Cirrus rankCirrus
Feb 09, 2023

BIG-IP 17.0 ASM Cookie based allow requests

Is it possible to allow requests through the ASM if the client sending the request has a unique cookie with a particular value?  I want to whitelist these requests based on this cookie.  If this is possible would someone please share with me how this is accomplished?

  • You can do using a local traffic policy:

    1. Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
    2. Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
    3. Reorder the rules so this rule takes precedence over the default rule.
    4. Save and publish the policy
    5. From your VS, remove the ASM auto policy and assign your new policy.

     

     

  • You can do using a local traffic policy:

    1. Clone your existing ASM auto policy (which is assigned to the VS) to a new policy
    2. Add a rule to the new policy with the following condition: HTTP Cookie full string named 'x-you-cookie' contains 'your_string' at request time, and action disable ASM
    3. Reorder the rules so this rule takes precedence over the default rule.
    4. Save and publish the policy
    5. From your VS, remove the ASM auto policy and assign your new policy.