ChrisMaKi_15830
Mar 06, 2013Nimbostratus
hundreds of modified asm cookie violations after software upgrade
We've upgraded our BigIP from 9.4.3 to 11.1.0 Build 2268.0 Hotfix HF5. This is the latest software version which is supported by our appliance.
Since that time the number of modified asm cookie violations raised extremely. Every week we have hundreds of new violations. Before the upgrade, we had less than 10 asm cookie violations in a week.
Most of these requests are from the googlebot. e. g.
From: googlebot(at)googlebot.com
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
X-Forwarded-For: 66.249.78.89
But there are a lot of other requests which look like valid requests being sent from a web browser.
I don't think that this is an attack against our website, because those violations occured right after our BigIP software upgrade. So I assume this is a problem with the new software version. However I don't want to disable the modified asm cookie violation. Is this a known problem and can it be solved?
I'd be glad about help. Thanks in advance.