F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

kend's avatar
kend
Icon for Altostratus rankAltostratus
Dec 12, 2011

HTTP iRule

I found this iRule on the DevCentral site at the following URL, http://devcentral.f5.com/wiki/iRule...eader.ashx     It does exactly what I need it to do except work with HTTPS. How would I m...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Dec 12, 2011
Also note that that iRule would allow a malicious user to send HTTP traffic to any pool which ends with _pool configured on your LTM. From a security standpoint, it would be a lot safer to create a whitelist of allowed pool names and check that the parsed pool name is part of it before allowing the client to get to the pool. You could do this by defining the allowed pool names in a data group and then using the class command to look up the requested host in the data group.

 

 

http://devcentral.f5.com/wiki/iRules.class.ashx

 

 

Aaron