Forum Discussion

Sharank's avatar
Sharank
Icon for Nimbostratus rankNimbostratus
Dec 20, 2017

Query on Cookie

Dear All,

 

Have a query regarding Cookie encryption.

 

One of my application requires cookie not to be encrypted, leaving my Virtual IP address exposed.

 

Is it possible to encrypt only the IP address part of the cookie and leave the rest RAW (UN-encrypted)

 

Need your guidance / suggestions on the same

 

Thank you

 

1 Reply

  • in general with an iRule you can do what you want, for example taking parts of the cookie content and encrypting that, but leaving the rest. the built in functionality won't do this for you.

     

    you could consider two cookies, one with what needs to be unencrypted and one with encryption.

     

    also isn't your webserver behind the big-ip, why is encryption a problem then? it is encrypted between the client and big-ip, but unencrypted to the webserver.

     

    can you show the content of the cookie? because the remark leaving the virtual ip address exposed doesn't make quite sense.