Irule for DDOs Attacks with LC

Question

I have a Link controller module and I´m working with a client that is getting DD0s attacks from random IPs. Can irule stop it?

sebastiansierra · Answer

Hi,If you don't have the F5 modules to protect against DDoS attacks as AFM and ASM you can follow this link:https://support.f5.com/csp/article/K14813&nbsp;

nikoolayy1 · Answer

Hello,
&nbsp;
When you say random ip addresses if they rotate too much then you may need bot protection like shape that can be integrated with F5 or with the backend server code with shape enterprise defense.
&nbsp;
Still if during the attack if a single ip address is causing too much traffic even random one you can rate limit it. This will be good for HTTP VIP or HTTPS VIP where you do a decryption:
&nbsp;
https://community.f5.com/t5/technical-forum/f5-irule-table-command-rate-limit-or-block-http-requests-in-two/m-p/295250#M258952
&nbsp;
&nbsp;
If the DDOS is volumetric at layer 3/4 better have scrubbing center beforethat like Silverline or your ISP can provide you such functions for extra payment.

Forum Discussion

Irule for DDOs Attacks with LC

2 Replies

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

T4 and ALL tenant images

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Related Content

Real Attack Stories: Bank Gets DDoS Attacked

DDoS Attack Trends for 2021

Scrubbing away DDoS attacks

Real Attack Stories: DDoS Against Email Provider

F5 Distributed Cloud L7 DoS Attack Mitigation Roundup

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS