You could do that.
But if you wanted to do it all in the same place you could do something like this:
Create a Data Group "AllowedSubnets" that contains the subnets / IP Addresses that you want to be allowed to access this location.
Then create an iRule like this. (This iRule uses "class match", which is a v10.x.x method. If you have v9.x.x, you can use "matchclass" and access the data group as "$::AllowedSubnets" instead of "AllowedSubnets".)

    when HTTP_REQUEST {
        # Redirect only when the URI is under /xyz AND the client is not in the data group
        if { ([HTTP::uri] starts_with "/xyz") and !([class match [IP::remote_addr] equals AllowedSubnets]) } {
            # Send the client to the site root, dropping any ":port" from the Host header
            HTTP::redirect "http://[getfield [HTTP::host] ":" 1]/"
        }
    }

This logic requires two parts: the URI must start with "/xyz" and the Client IP Address must not be in the allowed list. Then they will be redirected.
If the URI does not match or if the URI does match and the Client IP Address is in the allowed list, then the traffic will flow through normally without being redirected.
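
The two-part condition above can be checked offline before the iRule is attached to a virtual server. The following is an added example, not part of the original post and not F5 code: a Python model of the iRule's decision, where the subnet list, host names and client addresses are constructed sample values and the function names are hypothetical.

```python
import ipaddress

# Constructed stand-in for the "AllowedSubnets" data group (sample values).
ALLOWED_SUBNETS = [
    ipaddress.ip_network("10.1.0.0/16"),
    ipaddress.ip_network("192.0.2.25/32"),
]

PROTECTED_PREFIX = "/xyz"  # same prefix the iRule tests with starts_with


def in_allowed_subnets(client_ip, subnets=ALLOWED_SUBNETS):
    """Model of: class match [IP::remote_addr] equals AllowedSubnets."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in subnets if net.version == addr.version)


def decide(uri, host, client_ip):
    """Return the redirect URL the iRule would send, or None for pass-through."""
    # Both parts must hold: protected URI prefix AND client not in the list.
    if uri.startswith(PROTECTED_PREFIX) and not in_allowed_subnets(client_ip):
        # Model of: getfield [HTTP::host] ":" 1 (drops a ":port" suffix).
        return "http://%s/" % host.split(":")[0]
    return None


def truth_table():
    """Run constructed sample requests through decide()."""
    samples = [
        ("/xyz/admin", "www.example.com", "10.1.4.7"),          # allowed client
        ("/xyz/admin", "www.example.com:8080", "203.0.113.9"),  # not allowed
        ("/index.html", "www.example.com", "203.0.113.9"),      # other URI
        # A prefix match also covers any other path that begins with /xyz.
        ("/xyzzy", "www.example.com", "203.0.113.9"),
    ]
    return [(s, decide(*s)) for s in samples]


if __name__ == "__main__":
    for (uri, host, ip), result in truth_table():
        print("%-12s %-22s %-13s -> %s" % (uri, host, ip, result or "pass"))
```

The last sample shows that the prefix test also redirects unrelated paths that happen to begin with "/xyz", which is worth checking against the real URL layout before deployment.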