Forum Discussion

Altocumulus

Nov 01, 2021

Filter request irule

Hi, is it possible to use an irule to block access (or redirect to a different address) if https://www.abc.com or https://www.abc.com/ was visited but still allow access to https://www.abc.com/123/ and any other sub-directories?

iRules

LTM

security

1 Reply

spalande

Nacreous

Nov 03, 2021

You can follow 2 approaches.

Neagtive Security - Allows everything, and reject what I know

when HTTP_REQUEST {
	 switch -glob [HTTP::uri] {
                "/" -
		"/abc"
		{
                      reject
		} 
		default {
		       return
		}
	}
}

Positive Security - Rejects everything and allow only what I know

when HTTP_REQUEST {
	 switch -glob [HTTP::uri] {
                "/123*" -
		"/234*"
		{
                    return
		} 
		 default {
		        drop
		}
	}
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Filter request irule

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

iRule causing requests to be duplicated (sometimes)

SSL Bridging and FQDN rewrite Policy

How can I get started with iCall

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

Could not communicate with the system. Try to reload page.

Related Content

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

Logging DNS Requests

iRule to take cookie from HTTP Response into HTTP Request via table

Non-English DNS Request filtering via iRules

HTTP Request Cloning via iRules, Part 1

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS