F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Andre-Germany's avatar
Andre-Germany
Icon for Nimbostratus rankNimbostratus
Mar 15, 2019

Allowed URL with Parameter

Hello, everybody,   I have inferential problem. I have two URLs, one should be allowed and the other should not be allowed.   /prweb/*/!STANDARD?pyActivity= --> allowed   /prweb/*/!STANDARD ...
ASM Advanced WAF
iRules
security
Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Mar 15, 2019

In ASM, there is no rule to deny url without parameter but only defining allowed parameters...

If you want to do it, you have to write an irule...

when HTTP_REQUEST { 
    if {!([string match [HTTP::path] "/prweb/*/!STANDARD"] && [HTTP::query] starts_with "pyActivity")} {    
        drop        
    }    
}

You can also do it within a LOCAL TRAFIC POLICY with same logic