Forum Discussion
veredgf_96123
Nimbostratus
Nimbostratusirule for whitelist under certain path
Hi,
I am looking for an irule that will do the following - prevent access to all locations under a certain path - i.e., anything under should be block. and I want to have an exception group of ...
Stanislas_Piro2
Cumulonimbus
CumulonimbusHi,
You can use this code:
when HTTP_REQUEST {
set reqBlock 0
if {[HTTP::uri] starts_with "/yyy"} {
if {!([class match [HTTP::uri] contains "exceptions_datagroup"])} {
set reqBlock 1
}
}
}
when ASM_REQUEST_DONE {
Block not allowed request with ASM if enabled. Raise ASM user defined violation FILTER_IRULE_VIOLATION
if {$reqBlock} {
set violation_details [list [list Reason iRule_Event]]
lappend violation_details [list Filter URI_Not_Allowed]
}
ASM::raise FILTER_IRULE_VIOLATION $violation_details
}
}
when HTTP_REQUEST_SEND {
Block not allowed request with HTTP 403 code if ASM did not.
if {$reqBlock} {
clientside {
HTTP::respond 403 -version "1.1" content "Request RejectedYou are not authorized to access this page" noserver Connection Close
}
}
}
before Applying this code, do following configuration:
- create a new violation FILTER_IRULE_VIOLATION in Security ›› Options : Application Security : Advanced Configuration : Violations List
- In the policy configuration Security ›› Application Security : Policy : Policy Properties, enable Trigger ASM iRule Events
- In Policy blocking settings Security ›› Application Security : Policy Building : Learning and Blocking Settings, enable Block and Alarm for the violation FILTER_IRULE_VIOLATION