Geoblock exception based on user agent

Question

Hi,&nbsp;
We have Geo-blocking enabled for one of our apps and want to allow access from a third party tool that has a very specific user agent. Is it possible to allow requests from a geo blocked location when the user agent matches a particular string?&nbsp;
Thank you.&nbsp;

samstep · Answer

You can do it with an iRule which checks the User-Agent Header to be the one you want to white-list and then unblocks that request using ASM::unblock
Here is a sample iRule (replace 'My Magic User Agent' with User-Agent you need): 
when ASM_REQUEST_DONE {
  foreach {viol} [ASM::violation names] {
    if { $viol eq "VIOLATION_ILLEGAL_GEOLOCATION" } {
      if { [HTTP::header "USER-AGENT"] contains "My Magic User Agent" } {
         ASM::unblock
    }     
    }
  }

}

Hope this helps,
Sam
P.S. Remember to enable 'Trigger ASM iRule Events' in your policy properties!

Forum Discussion

Geoblock exception based on user agent

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Exception for GeoBlocked Country. Without Allow-Listing a specific IP

except ip from asm logging

Demystifying Time-based OTP

Redirect all request except few path

Cookie-based DDoS protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS