Forum Discussion

Nimbostratus

Apr 01, 2015

iRule to disable APM not working as expected

when HTTP_REQUEST { set header [HTTP::header "User-Agent"] log local0. "Before Match --- Header is: $header" if {[string tolower [HTTP::header "User-Agent"]] contains "mac os x" && [str...

BIG-IP Access Policy Manager (APM)

security

Michael_Jenkins

Cirrostratus

Apr 02, 2015

If your request has any of the apm cookies, you may need to remove them from that request. I've had weird issues like that.

so, perhaps your iRule could do something like this:

when HTTP_REQUEST {    
    if {[string tolower [HTTP::header "User-Agent"]] contains "mac os x"  && [string tolower [HTTP::uri]] equals "/ews/exchange.asmx"} {
        log local0. "  Disable access for [HTTP::uri]"
        ACCESS::disable 
        HTTP::cookie remove "MRHSession"
        HTTP::cookie remove "LastMRH_Session"
    } else {
        log local0. "  [HTTP::uri]"
    }
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

iRule to disable APM not working as expected

Recent Discussions

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

dynamic signature detection

DNS HM Probe issue

F5 looses the token for the first call

Related Content

Irule not working as expected

Example Expect Script

disable http retry

F5 iRUule not working

BIG-IP connection mirroring in public cloud doesn't work, but why?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS