Forum Discussion

Altostratus

Jan 17, 2021

Block access to apps by browser. Allow only iPhone or Android accesss

Customer has an application that they want access only through the mobile device app. They have recently found that the application can be accessed through any browser. We have configured the foll...

Altostratus

Hello Daniel,

Thanks for your reply. Will try this out but gave caution to customer as well.

What do you suggest how best to go about this requirement - allow only the access through mobile app (iPhone and Android) ?

jaikumar_f5

MVP

Jan 20, 2021

I assume even with APM, its still going to check the user-agent variable & thats going to validate against if it contains "iPhone" or "android" as such. I think WAF would have this advanced detection.

But if the requirement is to allow mobile users alone, then the Irule should work. Anyone who knows to tamper the header, can still get the data.

Is the application internal or external facing ?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Block access to apps by browser. Allow only iPhone or Android accesss

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

F5 Labs uncovers new Android malware strain MaliBot

APM - Close Browser

Ending an APM session when browser tab is closed

Removal Cookies on Client Browser

BIG-IP Edge Client 2.0.2 for Android

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS