For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Jinshu's avatar
Jinshu
Icon for Cirrus rankCirrus
Dec 14, 2015

ASM to block a specific URI

Hi All,

I have to configure ASM to block a specific URI 

/web-admin/admin/
. Can anyone help with this please. I have configured it as disallowed url, no luck. Even I have created an irule and applied it, same result.

any idea?

The irule which I have created look like below.

when HTTP_REQUEST {
  set reqBlock 0
  if { ([HTTP::uri] contains "/web-admin/admin")} {
  set reqBlock 1
  }
}

when ASM_REQUEST_DONE {
  if { $reqBlock == 1} {
    ASM::raise FLOW_TO_OBJ
  }
}

-Jinshu

ASM Advanced WAF
security

1 Reply

  • Hannes_Rapp's avatar
    Hannes_Rapp
    Icon for Nimbostratus rankNimbostratus
    Dec 14, 2015

    Hello,

     

    You can use a Disallowed URL here, as you're trying - no need for any iRule magic. Did you check your Policy Blocking Settings? Does it have Block checkbox selected for "Illegal URL"? If not, go ahead and select it, apply the policy changes, and you're done.