Forum Discussion

schmuck's avatar
schmuck
Icon for Nimbostratus rankNimbostratus
Feb 05, 2013

iRule to block access to all but certain URIs

Only certain URIs are allowed on a server. I am trying to limit access to only those specific URIs. I have tried unsuccessfully to use the following iRule:

 

when HTTP_REQUEST {

 

if { not ([string tolower [HTTP::uri]] starts_with "/uri1") || not ([string tolower [HTTP::uri]] starts_with "/uri2") }{

 

HTTP::respond 200 content "URL Blocked"

 

}

 

}

 

 

This works fine if it is only one URI and the "or" is removed. Thoughts?

 

application delivery
dev
devops
iRules

4 Replies

  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Feb 06, 2013

    Try this;

     Create a Data Group (called uriallow below) with the list of permitted URI's (make sure they start with /) when HTTP_REQUEST { if { not [class match [string tolower [HTTP::uri]] equals uriallow] } { HTTP::respond 200 content "URL Blocked" } Stop processing the iRule for this event here return }

  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Feb 06, 2013
    OK, slight update; 

    
Create a Data Group (called uri_allow below) with the list of
permitted URI's (make sure they start with /)

when HTTP_REQUEST {
 if { not [class match [string tolower [HTTP::uri]] equals uri_allow] } {
  HTTP::respond 200 content "URL Blocked"
  Stop processing the iRule for this event here
  Return
 }
}
  • schmuck's avatar
    schmuck
    Icon for Nimbostratus rankNimbostratus
    Feb 06, 2013

    Thank you. The bottom iRule worked. I changed the "equals" to "starts_with" and removed the Return. That did it though. Thank you very much.

     

  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Feb 06, 2013

    Great. You're welcome.

     

    The Return should have been all lowercase 'return' which probably explains your issue with that.