Forum Discussion

Nimbostratus

Dec 15, 2011

Mark cookie as secure

We have 2 virtual servers for an IIS site, one for http and the other for https, but they use the same pool on port 80. Is there a way to mark all of session cookies leaving the https VS as secure s...

Nimbostratus

Dec 15, 2011

Hi Michael,

Thanks for the response. It deosn't appear to e working. I copied my existing 443 VS and applied the rule to the copy, but the cookie appears unchanged.

This is what I get;

Set-Cookie: ASPSESSIONIDASTACBAT=JFALACPAOAOKCFJDEBIJGEIM; path=/

But this is what I need;

Set-Cookie: ASPSESSIONIDASTACBAT=JFALACPAOAOKCFJDEBIJGEIM; path=/; secure

Dave

Forum Discussion

Mark cookie as secure

Recent Discussions

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Inquiry on F5's Maintenance Mode Feature for Pool Members

Ansible modules for F5OS

VPN fragmented IP packets dropped

Related Content

Increased Security With First Party Cookies

Auditing Security Policy Updates

Adaptive Apps: Replicate & deploy WAF application security policies across F5's security portfolio

Remove Quotation marks

Get Started with WAAP Security Incidents