help with irule

Question

Hi,&nbsp;
I need to write irule that 
1. drop connection to uri that contain "wp-admin" "login" "mydb" from specific ip address
2. allow access to uri that contain "admin-ajax.php"&nbsp;
This is the irule i wrote:
when HTTP_REQUEST {&nbsp;
check the Class to determine if it's not allowed
deny access to wordpress /admin and /login from external ip address
Allow only My ip address to connect wordpress /admin and /login
Allow access to any host that contains "admin-ajax.php"
if {[HTTP::uri] contains "admin-ajax.php"} {
log local0. "admin-ajax request accepted from client: [IP::client_addr]"&nbsp;
} elseif {[HTTP::uri] contains "wp-admin" || [HTTP::uri] contains "login" || [HTTP::uri] contains "mydb"} {
if {not[class match [IP::client_addr] equals Technion_ip_Address] } {
log local0. "dropped connection My ip address[IP::client_addr]"
} else {
  reject 
}
}
}&nbsp;
Unfortunately the irule does not work, after the first if everything pass.&nbsp;
Suggestions please&nbsp;
Regards
Rafi&nbsp;

youssef1 · Answer

Hi,
you can begin with this irule then let me now if you need some update:
when HTTP_REQUEST {
    if { !([IP::client_addr] equals "10.0.0.8" ) } {

if { ([string tolower [HTTP::uri]] contains "admin" || [string tolower [HTTP::uri]] contains "login") &amp;&amp; !([string tolower [HTTP::uri]] contains "admin-ajax.php") } {
            drop
        }

} 
}

Of course change "10.0.0.8" by your IP.

Forum Discussion

help with irule

Recent Discussions

Default retry time inband monitor

how to monitor the axfr master response

Http / https health monitor issue

I used the wrong email account when take Application Delivery Exam (101)

F5 looses the token for the first call

Related Content

iRules Style Guide

Json parsing with iRules

Re: iRules Editor with Visual Studio Code

Using Tcl packages in iRules

Decrypting BIG-IP Packet Captures without iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS