Forum Discussion

Nimbostratus

Jul 27, 2016

Block Source IP using a blocklist hosted on a webserver

Currently we utilize a web server to host a blocklist that some of our other security devices use to block IP addresses. It allows us to maintain 1 list for all devices. Can the F5 ASM or LTM utilize...

Nacreous

Jul 27, 2016

Hi,

this list can be uploaded as an ifile. You can also do a lookup using sideband connections in irules

Yann_Desmarest_

Nacreous

Jul 27, 2016

You can create an ifile using the following command :

tmsh create sys file ifile blacklist source-path http://hostname.com/uri

and then update it using the following command :

tmsh modify sys file ifile blacklist source-path http://hostname.com/uri

The filesize for a single iFile was raised to 32Mb in 12.1.0. Prior versions limited the size to 4Mb.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Block Source IP using a blocklist hosted on a webserver

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

block a specific user

which virtual server will be hit?

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

APM - Portal access - Issue

F5 bot defense - false positives

Related Content

Restsh is now available under an Open Source license!

Phishing, Malware, Breach and Open-Source Security

LTM Monitoring IIS and Webserver Binding

The Power of Source Address

SIKE, DuckDuckGo's Blocklist and F5's QSN - F5 SIRT This Week in Security - July 31st-Aug 6th 2022

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS