All urls which are not like _https://uat.kamlesh.com/alfresco/api should not work

Question

Hello,
We have created VIp for url - https://uat.kamlesh.com/alfresco/api/
and client wants that he must be able to reach this url -https://uat.kamlesh.com/alfresco/api/ and if anyone trying to access with anything else must be rejected.&nbsp;
In fact all urls which are not like _https://uat.kamlesh.com/alfresco/api should not work.I need IRULE for the same.
Please anyone could help in this.It would be very helpful.Thanks in advance.&nbsp;
Regards
Kamlesh Y&nbsp;

youssef1 · Answer

if I understand you want to create a whitelist, to allow just a specific URL. If it is the cas this irule can help you:&nbsp;
when HTTP_REQUEST {&nbsp;
set uri [string tolower [HTTP::uri]]&nbsp;
if { $uri equals "/alfresco/api/ || $uri equals "/alfresco/api" }{&nbsp;
log loca0. "allow access"&nbsp;
} else {&nbsp;
log loca0. "Access denied for the following uri: $uri"&nbsp;
reject&nbsp;
}&nbsp;
}&nbsp;
Regards&nbsp;

yann_desmarest · Answer

Hello,
Try this one : 
when HTTP_REQUEST {
  if { ! ([HTTP::host] equals "uat.kamlesh.com" and [HTTP::path] starts_with "/alfresco/api") } {
    reject
     alternative : HTTP::respond 403 content "request not authorized"
  }
}

youssef1 · Answer

corrected and functional irule:
when HTTP_REQUEST {
set uri [string tolower [HTTP::uri]]
if { $uri equals "/alfresco/api/" || $uri equals "/alfresco/api" } {
log local0. "allow access"

} else {
log local0. "Access denied for the following uri: $uri"

reject

}
}

Forum Discussion

All urls which are not like _https://uat.kamlesh.com/alfresco/api should not work

3 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS