For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Thiyagu's avatar
Thiyagu
Icon for Cirrus rankCirrus
Dec 15, 2020

Irule help to block HTTP request if the HTTP Referer header value is null or with wrong domain

Hello Team, I'm in need of an Irule to block HTTP request if the HTTP Referer header value is null or with wrong domain address.   Could you please help with an irule for this request?   ...
application delivery
iRules
Enes_Afsin_Al's avatar
Enes_Afsin_Al
Icon for MVP rankMVP
Dec 17, 2020

Hi Tiyagu,

Can you test this and investigate logs?

when HTTP_REQUEST {
	log local0. "referer status: [HTTP::header exists Referer] | clientip: [IP::client_addr] | uri: [HTTP::uri]"
	if { [HTTP::header exists "Referer"] and not ([HTTP::header value "Referer"] contains ".abc.com") } {
		log local0. "referer header found | uri: [HTTP::uri]"
		HTTP::respond 400 content "Bad Request" Content-Type "text/html"
	}
}
  • Thiyagu's avatar
    Thiyagu
    Icon for Cirrus rankCirrus
    Dec 17, 2020

    Thanks a lot eaa.

    As a plan B I have also worked on the below iRULE. Could you please correct me if I' missing something ?

     

    ------------------------------------------------

    when HTTP_REQUEST {

     switch -glob [HTTP::header "Referer"] {

       "*.abc.com/*" {

         # Allow Request to go through...

       }

       "" {

         HTTP::respond 400 content "Bad Request" Content-Type "text/html"

       }

       default {

        HTTP::respond 400 content "Bad Request" Content-Type "text/html"

       }

     }

    }

    ------------------------------------------------------------

     

    Thanks a lot in advance

     

    Regards,

    Thiyagu