Forum Discussion
NimbostratusF5 AWAF - bypass request based on the pressence of a request header - value
The irules are the way to go. Only for HTTP headers that have an ip addresses like X-Forwarded-For / Real Client IP you can make the WAF policy to use the ip address in the header and bypass the WAF by using the trusted IP addresses option.
MVPYou can use an irule and ASM::disable when the header is seen.
For an example see:
https://my.f5.com/manage/s/article/K22021244
https://clouddocs.f5.com/api/irules/ASM__disable.html
bfmHello,
Thanks for the help. I was trying to not use irules for this. Isn't there a way to whitelist based on a header using the graphical interface?
Thank you.- Nikoolayy1
The irules are the way to go. Only for HTTP headers that have an ip addresses like X-Forwarded-For / Real Client IP you can make the WAF policy to use the ip address in the header and bypass the WAF by using the trusted IP addresses option.
