Forum Discussion
Block requests from web browser and only allow from clients application in ASM
Dear Community,
I have a requirment to allow email application traffic initialated from email clinets i.e outlook, boxer only and block all traffic initiated from web browsers. Please inform how we can accomplish this using ASM.
Best Regards
I agree that blocking User-Agent is useless but F5 Bot signatures also check header order and if there are missing HTTP headers and maybe this feature in the Bot profile "Browser Access(BIG-IP 15.x and later)" set to "Block" you can test https://my.f5.com/manage/s/article/K42323285
Hi iRule,
you are not giving away a lot of information, like clients coming from internal / external IP adress ranges, or type of mail server (Exchange, Zimbra,...). Therefore my recommendations cannot be very specific to your issue.
However, the solution for your issue doesn't require ASM. You can use iRules or Local Traffic Policy to block access to a specific URLs (HTTP::path) or to block access by source IP (IP::client_addr) or by User-Agent String ([HTTP::header "User-Agent"]).
Of coure you can also use ASM and either set a disallowed URL or an IP Address Exception (Always Block this IP).A word of caution: Personally, I consider blocking by User-Agent string as rubbish. UA strings can easily be spoofed.
KR
Daniel
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com