It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

How can I rewrite the cookie path set by the backend web server on a Barracuda Web Application Firewall?

  • Type: Knowledgebase
  • Date changed: 2 years ago
Solution #00006228

This solution applies to all Barracuda Web Application Firewall 460 and above models.


We have to configure a response rewrite rule on WAF to achieve this.

The Response rewrite rule should have this form:

Rule Name: change_cookie_path
Sequence Number: 1
Action: Rewrite Header
Header Name: Set-Cookie
Old Value = (.)*Path=/xxx(.)*
Rewrite Value: $1Path=/ext-prefix/xxx$2
Rewrite Condition: *

Important note:
  • The $1 in rewrite condition will replace first occurrence of (.)* in the old value.
  • The $2 in rewrite condition will replace second occurrence of (.)* in the old value.
  • The ext-prefix value is the external URL that we need to add when cookie is going out of WAF
Set cookie done by the server: Set-Cookie: jsessionid=testing path=/xxx/dir1/

Set cookie sent by WAF after rewriting: Set-Cookie: jsessionid=testing path=/ext-prefix/xxx/dir1/