Forum Discussion
Bastien_8356
Jun 07, 2011Nimbostratus
iRule to block user coming from 1 URL
Hi there,
I'd like to block any http request to any user coming from a particular website.
It's going on a web server that is behind the F5 and already have a public IP address. It's not a node though, not load balanced nor behind a VIP.
I came up with this:
when HTTP_REQUEST {
if { ([HTTP::header "Referer"] eq "http://blahblah/") }
{ drop
}
}
Then I tried creating a VIP with the same public IP address and with the iRule, but the apache stop responding.
edit: I forgot to create associate it with a pool with this single node, that's how I have to do it ?
Can you help me please ? Many thanks.
- hooleylistCirrostratusHi Bastien,
when HTTP_REQUEST { if { ([HTTP::header "Referer"] eq "http://blahblah/") } { log local0. "[IP::client_addr]:[TCP::client_port]: Dropping [HTTP::method] to [HTTP::host][HTTP::uri] with Referer [HTTP::header Referer]" drop } else { log local0. "[IP::client_addr]:[TCP::client_port]: Allowing [HTTP::method] to [HTTP::host][HTTP::uri] with Referer [HTTP::header Referer]" } }
- Bastien_8356NimbostratusHey hoolio, thx I'll give a try, but I didn't succeed in creating a VIP with my webserver as the only node. It's stop responding.
- Michael_YatesNimbostratusWhen you say:
- Bastien_8356NimbostratusThat's what I did, probably why it didn't work ?
- Michael_YatesNimbostratusIf your DNS is pointed to that IP Address, then you could change ownership of the IP Address.
- Bastien_8356NimbostratusI got you, thx ! I can't do this now but I'll up this thread if I have issue with the iRule !
- Hello ,
Is there another function that can drop the request and stop going through the other IRules?
Thanks.
Regards,
TRX
- Colin_Walker_12Historic F5 AccountIf you want to both drop the request and stop all iRules, try:
drop event disable all
- hooleylistCirrostratusHi TRX,
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects