Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Scooter_372595's avatar
Scooter_372595
Icon for Nimbostratus rankNimbostratus
Sep 21, 2018

Access Control based on URI and Referer

Hi I have a situation where I need an Irule to control access to a site I control.   The rules I need are:   a) To allow access based on a uri, eg https://mysite.com/scooter/scooterspagers/*  ...
application delivery
irules
LTM
Scooter_372595's avatar
Scooter_372595
Icon for Nimbostratus rankNimbostratus
Oct 17, 2018

Thanks for your suggestions, I couldn't get them to work for me though, however the below did work as required.

 

when HTTP_REQUEST { if { not ( [HTTP::uri] contains "/scooter/vespa/" ) } { if { $static::ref_debug } { log local0. "Incoming referer: [HTTP::header Referer]" } switch -glob [string tolower [HTTP::header Referer]] { "https://.scooter.com" { if { $static::ref_debug } { log local0. "From allowed referrer - allow" } return } "http://.example.com*" { if { $static::ref_debug } { log local0. "local domain - allow" } return } default { if { $static::ref_debug } { log local0. "from disallowed referer - redirect" } HTTP::redirect [HTTP::header Referer] } } } }