Best form to restrict http method

Question

What is the best option if i want to restrict http method with http profile or Irule?&nbsp;

samir_jha_52506 · Answer

As my understanding, We can't think L7 ADC without HTTP method(GET , POST, etc). In that case use L4 forwarding VIP to restrict http method.&nbsp;
@Expert, Please add your points.&nbsp;

abdessamad1 · Answer

Dear,
I don't think it's possible via a http profile.
But you can use an iRule or a LTM policy to restrict. Here is an example of the iRule:
when HTTP_REQUEST {
    switch [HTTP::method] {
        "GET" -
        "POST" -
        "HEAD" {
            return
        }
        default {
            HTTP::respond 403
        }
    }
}

stanislas_piro2 · Answer

In HTTP profile Enforcement section, you can define :&nbsp;
Known Methods : list all allowed methodsUnknown Method : Reject to deny all methods not in Known Methods list.

Forum Discussion

Best form to restrict http method

Recent Discussions

How to Renew F5 Device Certificate

How to export a list of paired external service providers from APM?

BIG-IP Edge Endpoint Inspection Failure pre-VPN

BIG IP LTM - Multiple application on single VIP with multiple ports allowed.

Service discovery is not happening in AS3

Related Content

Office 365 Tenant Restrictions

SSL Orchestrator Advanced Use Cases: Enabling GCloud Organization Restrictions

HTTP method conversion

F5 iRule Geolocation restriction

Irule for restricting access

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS