Forum Discussion

Cirrocumulus

Dec 15, 2022

IRule to block URL/URI from Data Group

Hello, we've a VS with about 20 URLs, now I've to block Login-Sites dor the most but not all URL's, for eg: www.somesite1.org/login www.somesite2.org/member www.somesite2.org/login I'd like to p...

application delivery

irule

CA_Valli

MVP

Dec 15, 2022

Hi kgaigl ,

this should work. Note that I'm not putting URI in lowercase so /login and /LOGIN will require two different matches (they would be two different URLs indeed anyways)

when HTTP_REQUEST {
 set req "[string tolower [HTTP::host]][HTTP::uri]"
 if {[class match $req eq unallowed_datagroup]}{ HTTP::respond 403 }
}

ltm data-group internal unallowed_datagroup {
    records {
        www.somesite1.org/login { }
        www.somesite2.org/member { }
        www.somesite2.org/login { }
    }
    type string
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

IRule to block URL/URI from Data Group

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

Forward with specific URI to pool without changing URL

BigIP ASM can't block Command Execution Attack

Blocking a specific URL on a specific VIP with iRule

how to block asm

Will this iRule block a range of IP Addresses?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS