Allowing a user-agent by iRules

Question

Hi All,&nbsp;
I do not want to white-list an IP address as it is dynamic, but this dynamic IP address is pen testing our network.&nbsp;
Thus i want to allow a specific user-agent to be able to bypass the ASM policies for pen testing.&nbsp;
Will the below irule do the job?&nbsp;
when HTTP_REQUEST {
    if {[HTTP::header "User-Agent"] contains "MyAgent_Allow" } { 
return
    } else {
        drop
    }
}&nbsp;
Regards&nbsp;
Hussein&nbsp;

hussein_ghazy · Answer

an update to the iRule:

when HTTP_REQUEST {
    if {[HTTP::header "User-Agent"] contains "MyAgent_Allow" } { 
asm::disable
    } else {
        asm::enable
    }
}

tzoori_tamam_95 · Answer

You can use Local Traffic Policies in order to achieve just that, if you want to avoid iRules.&nbsp;

kai_wilke · Answer

Hi Hussein,
the { asm::disable } else { asm::enable } iRule looks valid to me. So it should work... 😉
Cheers, Kai

hussein_ghazy · Answer

Can i do something like IP whitelising to the user-agent, in order not to disable the ASM.

santhosh_k_s_28 · Answer

Please can you update if this worked.. we have a similar situation for a pen testing&nbsp;
when HTTP_REQUEST { if {[HTTP::header "User-Agent"] contains "MyAgent_Allow" } { asm::disable } else { asm::enable } }&nbsp;

Forum Discussion

Allowing a user-agent by iRules

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

User-Agent Irule to avoid APM policy

Allow user agents to scrape my website

allow one url from blocks geolocation

URL and User-Agent base allow

Custom attack signature syntax for multiple user agents

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS