Forum Discussion
TiborP
Altostratus
AltostratusHow to exclude URL from DoS protection?
I have DoS Protection profile configured and applied to virtual server. I want to protect application where one URL is used to something like "check" and this URL is called from client every second. ...
You can do this with two options:
1- using a LTM policy with two rules, one default that enable l7dos, and one specific to your URL that disables l7dos.
2- using an iRule with DOSL7::enable and DOSL7::disable commands.
But one thing to be checked/tested is if the disable/enable actions apply only to the current transaction or to the whole TCP connection.
Abdessamad1
Cirrostratus
CirrostratusYou can do this with two options:
1- using a LTM policy with two rules, one default that enable l7dos, and one specific to your URL that disables l7dos.
2- using an iRule with DOSL7::enable and DOSL7::disable commands.
But one thing to be checked/tested is if the disable/enable actions apply only to the current transaction or to the whole TCP connection.
TiborPThank you Abdessamad,
I have used LTM policy and this works fine. In statistics I have possibility to choose traffic with DoS policy applied (which is traffic without this excluded URL). I can set up thresholds in DoS policy configuration at low levels which is for traffic without excluded URL and this works too. I get alarms (events) for this new setup.