Forum Discussion

Nimbostratus

Nov 03, 2010

iRule for URI ACL

Good afternoon. We are getting desperate trying to find a solution to allow specific URIs and deny all other traffic. Basically what we are after is to allow access to 5 specific directorie...

Cirrostratus

Nov 08, 2010

I think this is what Chris was suggesting:


when HTTP_REQUEST {

   if { ! ([class match [string tolower [HTTP::uri]] starts_with SplunkTest] or [HTTP::uri] eq "/") } {
      HTTP::respond 200 content "PERMISSION DENIED TO: [HTTP::uri]"
   }
}

You might also want to decode the URI using URI::decode to minimize the chance someone can bypass the iRule logic:

http://devcentral.f5.com/wiki/default.aspx/iRules/FullyDecodeURI.html

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

iRule for URI ACL

Recent Discussions

APM with EntraID as idP / request signed

Creating Policy using Terraform

Alert Mail when virtual server down trubleshooting

How to disable RC4 Cipher on SSL

Big-IQ + LetsEncrypt wildcard

Related Content

iRule creation based on URI

iRule to change URI Path

Trouble with Exclusion URI iRule

Modify blank URI

Question regarding irule http::uri to select pool based on URI

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS