Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 kit lau (kitl7500)
Australian Bureau of Statistics
Dev
Australian Bureau of Statistics
AU
kitl7500 Member since 2017 6 posts
Australian Bureau of Statistics
Posted: Feb 15, 2021
Last activity: Feb 15, 2021
Posted: 15 Feb 2021 2:55 EST
Last activity: 15 Feb 2021 4:20 EST
Closed

F5 WAF blocks pega packet over cookies pega-perf contains "&start"

 
F5 WAF detects and blocks pega packets that contains 2&start inside pega-perf in cookies:
Cookie: Pega-Perf=itkn=2&start; Pega-RULES=	{pd}AAAAAR8M/Nqm....

This leads to pega page freezes and stuck on blank screen 

 

Can you please show us what is '&start' for ?

If this value is optional , how do I not pass this value into the cookies?

 

F5 log

Violation Details

Attack signature detected [1]

Detected Keyword

itkn=2&start
Attack Signature StagedID

200003654

Name

"start" execution attempt (Parameter)
Context Cookie
Actual Cookie Name

Pega-Perf
Wildcard Cookie Name Staged

*
Cookie Value itkn=2&start
Applied Blocking Settings Staged Likely False Positive

 

***Edited by Moderator: Pooja Gadige to add platform capability tag***
To see attachments, please log in.
Pega Platform 8.4.1
Security
Government
Experience Designer

Related content:

Related content has not currently been identified for this post.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice