Forum Discussion

yuanqiang_22112

Nimbostratus

Aug 30, 2017

how to deny ip visit application

Hello: I want to use ltm deny ip visit v_ip, only permit domain name. How to realize ?

Cirrostratus

Sep 05, 2017

Hello Yuanqiang,

It is better to check in your irule the FQDN and based on the FQDN drop or do nothing.

when HTTP_REQUEST {

    if { ! ( [string tolower [HTTP::host]] eq "app.domain.com" ) } {
        drop 
        log local0. "connection dropped from client for accessing [HTTP::host]"
    }
}

By doing this, you prevent clients to connect via IP directly and also via other FQDN (if they changes their host file for example).

Hope it helps

Regards

Forum Discussion

how to deny ip visit application

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

ASM attack signatures not syncing between active and standby F5

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

VPN Communication Error with F5 BIG-IP Edge Client

simultaneous disabling / enabling of all LTM objects

Query on source IP preservation for syslog traffic through F5 virtual server

Related Content

DevCentral Visits BlackHat 2023 !!!

Introducing the F5 Application Study Tool (AST)

DevCentral Visits GovWare 2023

That's a Wrap! DevCentral Visited: GovWare 2022

DevCentral Visits SecTor 2023