For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Igor430's avatar
Igor430
Icon for Altostratus rankAltostratus
Nov 24, 2016

Blocking Exchange 2010 ECP while allowing OWA

Using Big IP 12.1.1, I have OWA+Activesync enabled through the exchange iApp and I'd like to block /ECP. Currently when I login to owa I can simply type "/ecp" instead of /owa in the URL and it comes up, but I'd like to block that.

 

I tried creating an ACL but not sure how to tie it in so that it works. Also tried removing the resource item "https://hostname:443/*" (the other sub resources with /owa/ are already listed) in Portal Access Links.

 

Anything else I can try on the F5? Perhaps an irule?

 

1 Reply

  • This should work:

    when HTTP_REQUEST {
        if { [string tolower [HTTP::uri]] starts_with "/ecp" } {
        reject
        }
    }