Forum Discussion

Nimbostratus

Aug 08, 2023

iRule newbie - Whitelisting IP address for Spesific URL and Attack Pattern

Hello community, One of our third party applications have false-positive blocks for spesific attack pattern, which we want to whitelist, but as our f5 support explained that it cannot be done to ...

Ret. Employee

Aug 08, 2023

I think it can be done, but not w/ an ASM irule. I can't write this now, as I'm sick and on quick, but the idea is to take the asm policy off the vip, then use an irule like this:

when http_request, check URI.
if uri matches [list of disallowed uris], exit the irule.
else, if no match, apply ASM policy.

I am going to tell you, though.. depending on traffic levels, this could get computationally expensive.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule newbie - Whitelisting IP address for Spesific URL and Attack Pattern

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Connection Rate Limit with log output

syslog over tcp and define management IP as source

Managing iRules configuration

Recommendation for Adv. Lab

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

Related Content

F5 Distributed Cloud - Traffic Steering based on Client IP Address

The BIG-IP Application Security Manager Part 6: IP Address Intelligence and Whitelisting

Addressing Shadow AI with F5 BIG-IP SSL Orchestrator

Global Blacklist or Whitelist

CSV to Address External Datagroup File

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS