Forum Discussion
iRule
Cirrus
CirrusBlock requests from web browser and only allow from clients application in ASM
Dear Community,
I have a requirment to allow email application traffic initialated from email clinets i.e outlook, boxer only and block all traffic initiated from web browsers. Please inform how we can accomplish this using ASM.
Best Regards
- Daniel_Wolf
MVP
Hi iRule,
you are not giving away a lot of information, like clients coming from internal / external IP adress ranges, or type of mail server (Exchange, Zimbra,...). Therefore my recommendations cannot be very specific to your issue.
However, the solution for your issue doesn't require ASM. You can use iRules or Local Traffic Policy to block access to a specific URLs (HTTP::path) or to block access by source IP (IP::client_addr) or by User-Agent String ([HTTP::header "User-Agent"]).
Of coure you can also use ASM and either set a disallowed URL or an IP Address Exception (Always Block this IP).A word of caution: Personally, I consider blocking by User-Agent string as rubbish. UA strings can easily be spoofed.
KR
Daniel - Nikoolayy1
I agree that blocking User-Agent is useless but F5 Bot signatures also check header order and if there are missing HTTP headers and maybe this feature in the Bot profile "Browser Access(BIG-IP 15.x and later)" set to "Block" you can test https://my.f5.com/manage/s/article/K42323285
