Forum Discussion
I rule to only allow GETs to elastic
We presently don't have any iRules in place so I'm a little new to this. What we're wanting is to only allow GETS to a particular virtual host and to drop all other types of requests.
What is the best way to achieve this?
Any assistance appreciated.
We have a BIGIP 1600
You could do something simple like
when HTTP_REQUEST { if { [HTTP::method] equals "GET" } { pool } else { HTTP::respond 405 "Method not allowedMethod not allowed" } }
- Richard__HarlanHistoric F5 Account
You could do something simple like
when HTTP_REQUEST { if { [HTTP::method] equals "GET" } { pool } else { HTTP::respond 405 "Method not allowedMethod not allowed" } }
- David_Leach_148
Nimbostratus
Cool, to clarify do I replace pool with the name of the pool? - David_Leach_148
Nimbostratus
Oh, we still want GET request to go to all other webservers. It's only the one pool we want to restrict to only having GETS. So would we do something like this... when HTTP_REQUEST { if { [HTTP::method] equals "GET" } && { [pool equals elastic]}{ pool elastic } else { HTTP::respond 405 "Method not allowed" } }
when HTTP_REQUEST { if { ![[HTTP::method] equals "GET"] } { drop } }
Richard, I like where you are going with that iRule, you might want to simplify it down to something like above.
- IheartF5_45022
Nacreous
The original request mentioned virtual Hosts so perhaps the Host headers should be referenced?
when HTTP_REQUEST { if {[HTTP::host] eq "mysite.com"} { if { ![[HTTP::method] equals "GET"] } { drop } } }
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com