Forum Discussion

Altocumulus

Nov 01, 2021

Filter request irule

Hi, is it possible to use an irule to block access (or redirect to a different address) if https://www.abc.com or https://www.abc.com/ was visited but still allow access to https://www.abc.com/123/ and any other sub-directories?

irules

LTM

security

1 Reply

spalande

Nacreous

Nov 03, 2021

You can follow 2 approaches.

Neagtive Security - Allows everything, and reject what I know

when HTTP_REQUEST {
	 switch -glob [HTTP::uri] {
                "/" -
		"/abc"
		{
                      reject
		} 
		default {
		       return
		}
	}
}

Positive Security - Rejects everything and allow only what I know

when HTTP_REQUEST {
	 switch -glob [HTTP::uri] {
                "/123*" -
		"/234*"
		{
                    return
		} 
		 default {
		        drop
		}
	}
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Filter request irule

1 Reply

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Help with SSH Virtual Server

Related Content

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

Logging DNS Requests

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Non-English DNS Request filtering via iRules

iRule to take cookie from HTTP Response into HTTP Request via table

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS