Forum Discussion
NimbostratusBlock Website URI for certain users
Hello Experts,
We want to block a particular website URI for external users and allow for internal users. It is https based website and SSL offload is happening on F5 LTM , help is much appreciated.
Below are the details:- Block https://xxx.com/rrr_i for internet users and ensure that it is accessible to internal users.
https://xxx.com/rrr_i (Internal, should not be visible for public internet)
https://xxx.com/rrr_e (external, to be visible for public internet)
6 Replies
Hi!
I'd probably create a data group list with the internal networks of the office (or external IP's of the offices) and match against that:
when HTTP_REQUEST { set uri [string tolower [HTTP::uri] if { $uri starts_with "/rrr_i" and ![class match [IP::client_addr] equals officenetworks] } { HTTP::respond 301 Location "https://xxx.com/rrr_e" You can also chose to drop the packet with the drop command too } }/Patrik
Mahmoud_Eldeeb_Cirrostratus
where will you place the iRule?
Apply it to the virtual server, or what do you mean?
/Patrik
- Mahmoud_Eldeeb_
yes, it should be applied to a VS. but which one? this is the question. as long as he is using a ssl-offload so he had two VS. for each
- Afroz_Ahmad_114I have one virtual server with 443 port with one node:443 and SSL offload is happening on the same virtual server at both side (client and server).
- Mahmoud_Eldeeb_
yes in this case, you have to have only one VS., which will terminate encryption for both sides (server/client) .
