Forum Discussion

Nimbostratus

Aug 08, 2023

iRule newbie - Whitelisting IP address for Spesific URL and Attack Pattern

Hello community, One of our third party applications have false-positive blocks for spesific attack pattern, which we want to whitelist, but as our f5 support explained that it cannot be done to ...

Moderator

Aug 08, 2023

I think it can be done, but not w/ an ASM irule. I can't write this now, as I'm sick and on quick, but the idea is to take the asm policy off the vip, then use an irule like this:

when http_request, check URI.
if uri matches [list of disallowed uris], exit the irule.
else, if no match, apply ASM policy.

I am going to tell you, though.. depending on traffic levels, this could get computationally expensive.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule newbie - Whitelisting IP address for Spesific URL and Attack Pattern

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Floating IP responds from wrong VLAN/trunk

Webtop which has VNC for macos users

AST Configuration Assistance

expandsSubcollections and filtering in F5 SDK

F5 i-series Guests to r-series tenants migration

Related Content

The BIG-IP Application Security Manager Part 6: IP Address Intelligence and Whitelisting

Addressing Shadow AI with F5 BIG-IP SSL Orchestrator

BIG-IP Next for Kubernetes, addressing today’s enterprise challenges

Global Blacklist or Whitelist

CSV to Address External Datagroup File

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS