LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

Question

Hi,One of the applications integrated with BIG-IP has a specific requirement, as detailed below:URLs under the subdomain https://fduat.fed.com need to limit access to only 10 times per day for each IP. Kindly check the feasibility and provide feedback.The URLs are as follows:/kyc-details/details/kyc-details/personal-detail/kyc-details/review-details/payment-details/vkyc/vkyc/success/summary/payment-details/paymentPlease confirm whether this requirement can be achieved using a Brute Force configuration, LTM rule, or iRule.

zamroni777 · Answer

kyc and payment api usually have authentication.i think it is much easier if the counting is done by app server and stored in dedicated db tables rather than counted by LB.

niels_van_sluis · Answer

Yes, you can use an iRule for this. Check out this link:&nbsp;
https://clouddocs.f5.com/api/irules/Limit-the-number-of-HTTP-requests-by-a-client-within-a-specified-time.html
With a little modification this iRule should fit your goal.

Forum Discussion

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

2 Replies

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

master key file on vcmp guest HA Cluster different?

F5 Health Monitor Receive String as JSON

Rewrite content in XML schema file.

DNS Request to VS?

Guide for exam 402 F5 Certified Solution Expert

Related Content

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

APM Configuration to Support Duo MFA using iRule

Accessing TCP Options from iRules

BIG-IQ Access Configuration Interface Quick Introduction

F5 BIG-IP Advanced WAF – DOS profile configuration options.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS