For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Shane_Terrick_9's avatar
Shane_Terrick_9
Icon for Nimbostratus rankNimbostratus
Dec 18, 2012

iRule to block blank username/password

Newbie to iRules here so please go easy.     I have been assigned a project to work with one of our applications that now wants to load balance thru our F5 (Gtm WIP and LTM VIP), but they als...
application delivery
dev
devops
iRules
El_Jefe's avatar
El_Jefe
Icon for Nimbostratus rankNimbostratus
Dec 18, 2012
Shane - With what you've given us, I can't really tell what you're doing. If you're using HTTP Basic Auth it could be as simple as -

 

You basically have to parse the username and PW, and figure out when null values come in, and then either drop the request or reject it.

 

 

when HTTP_REQUEST {

 

log local0. "[IP::client_addr]:[TCP::client_port]: User-Agent: [string tolower [HTTP::header "User-Agent"]] requested [HTTP::host][HTTP::uri]"

 

if { [string tolower [HTTP::username]] eq ""} {

 

log local0. "[IP::client_addr]:[TCP::client_port]: Rejected request"

 

reject

 

}

 

}

 

 

FYI - this is just an example off the top of my head. Haven't even checked syntax.