I want to Block A URL for my web application when it contains the following parameters

Question

I want to Block A URL for my web application when it contains the following parameters  in the URL like

or %3A or $ or %24 please confirm if this can be possible . however i need to make sure my actual URL should not stop working.&nbsp;

stan_piron · Answer

try this
when HTTP_REQUEST {
    if {[HTTP::query] contains "%3C" | [HTTP::query] contains "\$" | [HTTP::query] contains "%24"} {
        HTTP::respond 403 content {Content Rejected}
    }
}

troy_johnson_35 · Answer

Here is a nice article on using ASM to use parameters to block a URL:&nbsp;
http://www.thef5guy.com/blog/2011/05/big-ip-asm-using-parameters-to-block-attacks/ &nbsp;

frank_nsubuga_3 · Answer

Hi,&nbsp;
I know this is in LTM, but If you have ASM, I believe u/dakritt answered this question a while back in the link below:
https://devcentral.f5.com/questions/asm-disallowed-url-and-wildcard-58982&nbsp;
You can use ASM to create an attack signature and block that, if those parameters are being sent as part of a user's request.&nbsp;

Forum Discussion

I want to Block A URL for my web application when it contains the following parameters

3 Replies

Tyler - May 2026 Featured Member

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

F5 Send email and snmp trap from LTM log event

shame on f5

Dynamic import of data groups

ASM allow specific url from outside country of geolocation ON

AWAF Detection Inconsistency Between Similar Test Payloads

Related Content

Introducing the F5 Application Study Tool (AST)

System Prerequisites for Deploying the Application Study Tool

Zero Trust Application Access for Federal Agencies

Application Study Tool: Make Grafana Listen on HTTPS

Modern Applications-Demystifying Ingress solutions flavors

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS