Follow

Issue: Silverline Cookie Limit in HTTP Headers

Description

Silverline WAF customers who have applications that include more than 256 cookies in HTTP Response/Request headers may experience blocked requests from their Web Application Firewall proxy.

Should you have any questions about this issue, please contact the SOC.

Environment

  • Silverline WAF

Cause

  • Silverline WAF policy limits to 256 cookies. 

Resolution

To view and confirm if you are experiencing the cookie limit issue, customers can log into their portal account and from the top menu, select Monitor & Analyze > WAF Violation Summary.  

Screen_Shot_2018-06-04_at_4.02.24_PM.png

The violation will appear in the summary under the violations column.  Customers can scroll down, locate and select the Modified domain cookie(s) category.  

 

waf_violation.png  

Once the selection is made, customers will see a listing of all the violations.  They can select a violation to obtain more detail:

mceclip0.png

The following XML metadata will be generated, look for <too_many_cookies>1</too_many_cookies>  to confirm the Cookie Limit in HTTP headers issue

<?xml version="1.0" encoding="UTF-8"?>
<BAD_MSG>
<request-violations>
<violation>
<viol_index>54</viol_index>
<viol_name>VIOL_COOKIE_MODIFIED</viol_name>
<too_many_cookies>1</too_many_cookies>
</violation>
</request-violations>
</BAD_MSG>

If you do run into this issue and would like it to be resolved, please open a ticket with the SOC, and provide the following information:

  • Name of the WAF policy/policies
  • Support ID of the violation related to <too_many_cookies>1</too_many_cookies> to confirm the behavior

The SOC will then tuned the WAF policy by disabling the check for the Modified Domain Cookie(s) module of the WAF policy. 

Related Content 

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request