Forum Discussion

Nimbostratus

Mar 15, 2019

Allowed URL with Parameter

Hello, everybody, I have inferential problem. I have two URLs, one should be allowed and the other should not be allowed. /prweb/*/!STANDARD?pyActivity= --> allowed /prweb/*/!STANDARD ...

Cumulonimbus

Mar 15, 2019

In ASM, there is no rule to deny url without parameter but only defining allowed parameters...

If you want to do it, you have to write an irule...

when HTTP_REQUEST { 
    if {!([string match [HTTP::path] "/prweb/*/!STANDARD"] && [HTTP::query] starts_with "pyActivity")} {    
        drop        
    }    
}

You can also do it within a LOCAL TRAFIC POLICY with same logic

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Allowed URL with Parameter

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Is it possible to create a Single Pool with multiple ports ?

F5 object groups in AFM

Round-robin method not load balanced

F5 ASM with fortisandbox

Disabling signature for a URL

Related Content

Define allowed character in ASM for JSON parameter

Brute Force protection for single parameter like OTP

Wildcard Parameter signature attack

Parameter Value - Regular Expression

AWAF Path Parameters with OPENAPI json file

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS