I want to Block A URL for my web application when it contains the following parameters

Question

I want to Block A URL for my web application when it contains the following parameters  in the URL like

or %3A or $ or %24 please confirm if this can be possible . however i need to make sure my actual URL should not stop working.&nbsp;

stanislas_piro2 · Answer

try this
when HTTP_REQUEST {
    if {[HTTP::query] contains "%3C" | [HTTP::query] contains "\$" | [HTTP::query] contains "%24"} {
        HTTP::respond 403 content {Content Rejected}
    }
}

troy_johnson_35 · Answer

Here is a nice article on using ASM to use parameters to block a URL:&nbsp;
http://www.thef5guy.com/blog/2011/05/big-ip-asm-using-parameters-to-block-attacks/ &nbsp;

frank_nsubuga_3 · Answer

Hi,&nbsp;
I know this is in LTM, but If you have ASM, I believe u/dakritt answered this question a while back in the link below:
https://devcentral.f5.com/questions/asm-disallowed-url-and-wildcard-58982&nbsp;
You can use ASM to create an attack signature and block that, if those parameters are being sent as part of a user's request.&nbsp;

Forum Discussion

I want to Block A URL for my web application when it contains the following parameters

Recent Discussions

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

VLAN Failsafe Functionality

Related Content

VIPTest: Rapid Application Testing for F5 Environments

Application Programming Interface (API) Authentication types simplified

Securing Applications using mTLS Supported by F5 Distributed Cloud

Brute Force protection for single parameter like OTP

Understanding Modern Application Architecture - Part 1

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS