Cross Origin Resource Sharing (CORS) is a mechanism that allows your system to access resources from a different domain than the domain the original request was made to. By default, you can’t support F5 BIG-IP CORS requests directly to its management application. This includes the REST api. It’s a bit of a tricky functionality as it is prone to abuse if not properly implemented. Continue reading “F5 BIG-IP CORS – What is it, and how to enable”
In the last post, we set up a basic configuration, but didn’t do much in the way of optimizing how it works. Today, we’ll look at F5 BIG-IP profiles. These are a way to modify the way the virtual server works. You can do things that change the behavior of the BIG-IP virtual server. For example, adding SSL or inserting X-Forwarded-For Headers into the web logs. Continue reading “F5 BIG-IP Profiles”
This is a question I get all the time… What is a WAF? Since I maintain our WAF for my job, I usually need to educate and convince co-workers, management, application owners about why and how we should deploy our WAF. Let’s start with the objections I usually run into, and why you still should have a WAF, and then dig a bit deeper into what a WAF is really doing.
Myth 1: I have a firewall, I don’t need a WAF!
In the VIP we created in the basic load balancing virtual, we used the default TCP F5 BIG-IP health monitor. Although its not terrible, its not really a great monitor. Same applies to the default HTTP monitor. Take a look below at the configuration of the default: Continue reading “Better F5 BIG-IP Health Monitor”