Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

spacecc's avatar
spacecc
Icon for Altostratus rankAltostratus
1 year ago
Solved

iRule http host with wildcard domain

Hi, I want to ask a question. I want to limit the http::host wildcard domain in iRule. Allow *.domain.com, but disallow *.*.domain.com. Such as if http::host is a.aaa.com or b.aaa.com, then go on. If...
irule
LTM
Aswin_mk's avatar
Aswin_mk
Icon for MVP rankMVP
1 year ago

For wild card we could use an equivalent string function: I just writing a rule, you can test it. if its not worked use pool as well

 

when HTTP_REQUEST {

    if { [string match "example*.domain.com" [string tolower [HTTP::host]]] } {

       

        }

else {

    reject

    }

}

spacecc's avatar
spacecc
Icon for Altostratus rankAltostratus
1 year ago

Thanks for reply, sir. Please check this.

My irule is:

when HTTP_REQUEST {
    if { [string match "*.hackit.com" [string tolower [HTTP::host]]] } {
        log local0. "Host is [HTTP::host]"
    } else {
        reject
    }
}

Check the log: 

<HTTP_REQUEST>: Host is www.gslb.hackit.com

The irule didn't work. My goal is if I access *.hackit.com, it passes. When I access *.*.hackit.com, it rejects.