Forum Discussion

Nimbostratus

Jun 01, 2010

Allow based on IP for uri starts_with

Hi, I am trying to come up with an iRule to only allow people to login to a certain page of our app if they originate from a single IP. Basically you can login to www.foo.com/admin if you come from 1...

Nimbostratus

Jun 01, 2010

What you've got should do a good job.

My only suggestion would be to create a Data Group (iRules -> Data Group List -> Create (Group of Addresses)) that you could add additional qualifying IP Addresses to without having to add any to the actual iRule.


when HTTP_REQUEST {
if { ([HTTP::uri] starts_with "/admin") and ([matchclass [IP::remote_addr] equals $$IPAddressDataGroup]) } {
HTTP::redirect "https://foo.com/admin/index/index/"
}
else {
HTTP::redirect "https://foo.com/login/index/login/"
}
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Allow based on IP for uri starts_with

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Demystifying Time-based OTP

Cookie-based DDoS protection

Class match with starts_with - Data group matching order

iRule based RADIUS Client Stack

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS