iRule to check the referer presense

Question

I am trying to write a iRule to accommodate the following, If the Referer is “mydomain.example.com” then allow the request, if not then check if requested URI is the login page then allow, if not then show 500 error.
when HTTP_REQUEST {
  switch -glob [HTTP::header "Referer"] {
    "https://mydomain.example.com/*" {
      HTTP::redirect [HTTP::header "Referer"]
    }
    "" {
        if{[HTTP::uri] contains "/enter.do"}{
             HTTP::redirect [HTTP::header "Referer"]
        }
        if{!([HTTP::uri] contains "/enter.do")}{
            HTTP::respond 500 content ""
        }
    }
  }
}

After applying this iRule I am always getting 500. Can someone help me write the correct iRule?

stanislas_piro2 · Answer

Hi,
don't redirect to referer:
when HTTP_REQUEST {
  switch -glob [HTTP::header "Referer"] {
    "https://mydomain.example.com/*" {
       do nothing and leave irule
      return
    }
    default {
        if{[HTTP::uri] contains "/enter.do"} {
             HTTP::redirect [HTTP::header "Referer"]
        } else {
            HTTP::respond 500 content ""
        }
    }
  }
}

Forum Discussion

iRule to check the referer presense

Recent Discussions

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

F5 Distributed Cloud Customer Edge on F5 rSeries – Reference Architecture

Cloud Docs - F5OS Technical Reference Materials

Customer Edge Site High Availability for Application Delivery - Reference Architecture

Site-to-Site Connectivity in F5 Distributed Cloud Network Connect – Reference Architecture

iRule Security 101 - #06 - HTTP Referer

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS