Bug ID 1239325: Issue when Management IP address is configured to have public internet access on F5OS

Last Modified: May 29, 2024

Affected Product(s):
F5OS F5OS(all modules)

Known Affected Versions:
F5OS-A 1.3.1, F5OS-A 1.3.2, F5OS-A 1.4.0

Fixed In:
F5OS-C 1.6.0, F5OS-A 1.5.0

Opened: Feb 13, 2023

Severity: 3-Major

Symptoms

The F5OS webUI allows web crawlers access to all content when the Management IP address is configured to have public internet access.

Impact

This impedes the ability to satisfy internal security compliance mandates.

Conditions

If the Management IP address is configured to have public internet access.

Workaround

To mitigate the issue, you can manipulate the contents of the robots.txt file inside the webUI container as demonstrated below: $ ssh root@10.238.160.60 root@10.238.160.60's password: [root@appliance-1 ~]# docker exec -it vanquish-gui bash [root@d6303361e100 /]# cd /app/build [root@d6303361e100 build]# echo "User-agent: *" > robots.txt [root@d6303361e100 build]# echo "Disallow: /" >> robots.txt [root@d6303361e100 build]# cat robots.txt User-agent: * Disallow: / [root@d6303361e100 build]# exit exit [root@appliance-1 ~]# exit logout Connection to 10.238.160.60 closed.

Fix Information

Robots.txt now disallows web crawlers access to any content.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips