Forum Discussion

Mick39_201768

Nimbostratus

May 12, 2015

Block HTTPS access from specific user agent

Dear community, I want to block HTTPS access from specific user agent(UA). I found this topic following, https://devcentral.f5.com/questions/block-a-user-agent-with-an-irule and I want some ide...

MVP

May 12, 2015

Try this:

when HTTPS_REQUEST { 
    log local0. "User-Agent:[HTTPS::header "User-Agent"]" 
    if { [string tolower [HTTPS::header "User-Agent"]] == "mozilla/4.0" && !([IP::addr [IP::client_addr] equals 1.1.1.1]) } { 
        drop 
        log local0. "Rejected request: [IP::remote_addr] User-Agent:[string tolower [HTTPS::header "User-Agent"]] requested [HTTPS::host][HTTP::uri]" 
    }
}

Replace 1.1.1.1 with whatever IP you want to allow. Please note that this rule require an SSL profile and an HTTP profile on the virtual server.

If you have multiple IP's it might be worth looking into a data group list.

Good luck!

/Patrik

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Block HTTPS access from specific user agent

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Response and blocking page

Zero Trust building blocks - Machine Identity Management (MIM) and Workload Protection

Block Log4j with use of IOCs

iRule for blocking specific string in header & displaying blocking page

check the utilization on specific node

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS