Forum Discussion

seth_83421's avatar
seth_83421
Icon for Nimbostratus rankNimbostratus
Sep 04, 2009

How to restrict access to a URL from a different URL

I'm a newbie to iRules, and would like some help please!

 

I'm wondering how I can restrict access to (for example) www.seagulls.com so it can only be accessed from www.birdwatch.com.

 

 

Something like this? Sorry for the messy syntax.

 

 

b rule seagulls_rule {

 

when HTTP_REQUEST {

 

if {[HTTP::header exists "Referer"]}{

 

pool seagulls_pool

 

}

 

else {

 

command to drop

 

}

 

{

 

set ::drop_msg "Sorry, you can't access this page directly"

 

}

 

}

 

}

 

 

 

Thanks!!!
application delivery
dev
devops
iRules
  • Joe_Pruitt's avatar
    Joe_Pruitt
    Sep 04, 2009
    You are heading in the right direction. Your iRule just checks if there is a Referer header. If you want to restrict from a single site, you'll have to check agains the value of the Referer header. 

     when HTTP_REQUEST { 
   if { ([HTTP::header "Referer"] ne "www.birdwatch.com") } { 
     HTTP::respond 200 Content "SORRY, You Can't access this page directly"; 
   } 
 }

    This assumes you have the "seagulls_pool" set as the default pool for the virtual. If not, then add an "else" to the if clause and do the pool assignment there.

    -Joe
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Sep 07, 2009
    Keep in mind that any client can manipulate the value of any HTTP header. There are many browser plugins which allow a user to do this like RefControl (Click here) or TamperData (Click here).

     

     

    Aaron