Forum Discussion
AltostratusLTM redirection at directory level
Hopefully an easy query for someone.
What is the correct secure way to ensure users cannot access top level folders on a webserver.
ie have https:\\xxx.com with 3 sites \site1, \site2, \site3
I need to create 3 virtual servers that only allow traffic to each of the paths and anything under that level.
Plus a second optional requirement for some of them they all have different certificates so if you say type site1.com you get redirected to site1.com\site1 without seeing the \site1
Thank you.
4 Replies
Simon_BlakelyEmployee
Use a Local Traffic Policy
K04597703: Overview of the Local Traffic Policies feature (12.1.0 and later)
Introducing Local Traffic Policies
Hi Ravager,
If you have one domain:
when HTTP_REQUEST { if { [HTTP::host] equals "xxx.com" and [HTTP::uri] equals "/" } { drop # or redirect # HTTP::redirect "https://xxx.com/xyz.html" } }If you have 3 domains, you can try this iRule:
when HTTP_REQUEST { if { [HTTP::uri] equals "/" } { switch -glob [HTTP::host] { "site1.com" { HTTP::uri "/site1" } "site2.com" { HTTP::uri "/site2" } "site3.com" { HTTP::uri "/site3" } } } }
RavagerThanks for the answer, I suspect thats not going to prevent someone from typing something like site.com/default ? I am trying to also prevent people from accessing anything but the /path and downwards?
You can block all uri not starts with site1, site2, site3.
when HTTP_REQUEST { switch -glob [HTTP::uri] { "/site1*" - "/site2*" - "/site3*" { } default { drop } } }
