Forum Discussion

iRule's avatar
iRule
Icon for Cirrus rankCirrus
Mar 12, 2023

Block access to one specific URL containing a keyword from ASM

Dear Support,

Using ASM, I need to block access to one specific URL if request contains a keyword  "KHTML". All other URLs requsts containing "KHTML" should not be blocked.

Kindly support in this regards

 

  • Hi iRule,

    yes, that's possible. One way to achieve this would be:

    1. Create an Attack Signature that looks for .khtml in the query string and assign it to the ASM policy.

    2. Create a wildcard URL where you want to block the khtml extension, like /subfolder1/*, in the allowed URLs.

    3. Add the Signature to your ASM policy.
    4. Create an exception for any URL, not use the attack signature. In my example, I created an exception for the wildcard (*) URL.

    This way the block-khtml Attack Signature will only be applied to the Allowed URL you created.

    KR
    Daniel