For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Puli's avatar
Puli
Icon for Nimbostratus rankNimbostratus
Jan 11, 2011

how to block spam on forums application

We have a forums application that runs jive forums.   We have an issue where a user who is changing usernames and posting spam to the forums.     We want to block this user from posting forum...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Jan 11, 2011
Nice work Chris! One small note: the static namespace didn't exist in 9.x, so you could replace that with a local variable set in HTTP_REQUEST: 


when HTTP_REQUEST {

    Only check POST requests
   if { [HTTP::method] eq "POST" } {

       Default amount of request payload to collect (in bytes)
      set collect_length 2048

       Check for a non-existent Content-Length header
      if {[HTTP::header Content-Length] eq ""}{

          Use default collect length of 2k for POSTs without a Content-Length header
         set collect_length $collect_length

      } elseif {[HTTP::header Content-Length] == 0}{

          Don't try collect a payload if there isn't one
         unset collect_length

      } elseif {[HTTP::header Content-Length] > $collect_length}{

          Use default collect length
         set collect_length $collect_length

      } else {

          Collect the actual payload length
         set collect_length [HTTP::header Content-Length]

      }

       If the POST Content-Length isn't 0, collect (a portion of) the payload
      if {[info exists collect_length]}{

          Trigger collection of the request payload
         HTTP::collect $collect_length
      }
   }
}

when HTTP_REQUEST_DATA {
   if { [matchclass [HTTP::payload] contains dg_blocked] }{
      HTTP::respond 403 "Blocked"
   }
}

Aaron