Modified domain cookie TSPD_101

Question

Based on the article we know that the cookie TSPD_101 can be set by ASM even there's no Proactive Bot Defence or DoS-Profile aktive.&nbsp;
We have set the type of the cookie with name: * to Enfored, which means that a cookie set (at server side) may not be changed by the client. Interesting is that ASM complains about TSPD_101 has been modified.&nbsp;
Do we have to define the TSPD_101 cookie explicit with type Allowed?&nbsp;

chris_grant · Answer

The cookie should not be modified by the client.  If you find that the client is modifying the TSPD_101 cookie, I would take an httpwatch capture and open a case with support.&nbsp;

Forum Discussion

Modified domain cookie TSPD_101

1 Reply

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

modified domain cookies

Enriching AFM with public domain Threat Intelligence

iRule to modify a content-security-policy header

domain blocking

Modifying iCall from TMSH