Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

netw's avatar
netw
Icon for Nimbostratus rankNimbostratus
Apr 21, 2024

Irule for Host block with custom ASM violation

Dears,   I have following scenarios,  1. if Traffic from Internal user/IP --- > Allow connection  2. Traffic from internet 2.1) Block access only on Host name ( URL ), That is -----> https://XYZ...
asm
irules
JRahm's avatar
JRahm
Icon for Admin rankAdmin
Oct 15, 2024
when HTTP_REQUEST priority 500 {
    if { ([IP::addr [IP::client_addr] equals 10.0.0.0/8]) || ([HTTP::host] == "xyz.com") } {
        return
    } else {
        HTTP::respond 403 content "Access Denied"
    }
}

Strictly with an iRule, this should be close to what you need to allow requests from 10/8 to any host or require host xyz.com. If you have ASM, you can configure this in the policy and you shouldn't need an iRule at all.