Forum Discussion

Altostratus

Nov 24, 2016

Blocking Exchange 2010 ECP while allowing OWA

Using Big IP 12.1.1, I have OWA+Activesync enabled through the exchange iApp and I'd like to block /ECP. Currently when I login to owa I can simply type "/ecp" instead of /owa in the URL and it comes up, but I'd like to block that.

I tried creating an ACL but not sure how to tie it in so that it works. Also tried removing the resource item "https://hostname:443/*" (the other sub resources with /owa/ are already listed) in Portal Access Links.

Anything else I can try on the F5? Perhaps an irule?

BIG-IP Access Policy Manager (APM)

MVP

This should work:

when HTTP_REQUEST {
    if { [string tolower [HTTP::uri]] starts_with "/ecp" } {
    reject
    }
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Blocking Exchange 2010 ECP while allowing OWA

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

MS Exchange ProxyNotShell block implemented via iRules

allow one url from blocks geolocation

The Business Partner Exchange - An F5 Distributed Cloud Services Demonstration

Rustls with NGINX, Password Based Key Exchange, & Llama Drama

WAF - Allow uploads of only files with certain extensions and block all other file uploads

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS