Forum Discussion

Nimbostratus

Feb 07, 2011

Access control for specific url

All, I am trying to limit access to a certain url for our company using a iRule, basically all access to api.example.com will need to be open but access to api.example.com/tools will n...

Cirrostratus

Feb 07, 2011

Also, it looks like I missed a logic problem. Can you try this? It assumes you want all requests to go to the virtual server's default pool, except those to /tools that don't come from an internal IP address range.


when HTTP_REQUEST {

   if { [HTTP::uri] starts_with "/tools" }{
      if { not [matchclass [IP::remote_addr] equals private_net] } { 
         reject
      }
   }
}

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Access control for specific url

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Advanced API Access Control with BIG-IP APM – Part II

Access Control Based on IP

ExternalName Service and Authentication Subrequests with NGINX Ingress Controller

Testing the security controls for a notional FDX Open Banking deployment

OWASP Tactical Access Defense Series: Unrestricted Resource Consumption

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS