Modified Domain Cookie blocking

Question

We have recently installed a pair of F56400s (v9.4.3) in front of our website with ASM in blocking mode.  
&nbsp;  
&nbsp; Despite the fact that our Website only utilises a handful of cookies (all configured within the ASM) we are seeing and blocking loads of Modified Domain Cookie violations.  
&nbsp;  
&nbsp; It would appear that when users are visitng our website their browsers are trying to present cookies that are nothing to do with our domain whatsoever which the F5 is blocking because it, quite rightly, does not recognise the cookie as being from the application.  This action, however, is blocking the users from our site 
&nbsp;  
&nbsp; Modified Cookie Violation is another standard ASM policy feature which we have not altered so, to my way of thinking, anyone with an F5 will be experiencing the same kind of problem. 
&nbsp;  
&nbsp; Does anyone have the same issue?  Does anyone know why we are seeing this behaviour i.e. browsers trying to give us cookies we don't want.  
&nbsp;  
&nbsp; Any feedback/advice would be gratefully received

hooleylist · Answer

(Click here) 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Modified Domain Cookie blocking

1 Reply

Recent Discussions

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Related Content

domain blocking

modified domain cookies

Enriching AFM with public domain Threat Intelligence

iRule to modify a content-security-policy header

Block traffic