LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

Question

Hi,One of the applications integrated with BIG-IP has a specific requirement, as detailed below:URLs under the subdomain https://fduat.fed.com need to limit access to only 10 times per day for each IP. Kindly check the feasibility and provide feedback.The URLs are as follows:/kyc-details/details/kyc-details/personal-detail/kyc-details/review-details/payment-details/vkyc/vkyc/success/summary/payment-details/paymentPlease confirm whether this requirement can be achieved using a Brute Force configuration, LTM rule, or iRule.

zamroni777 · Answer

kyc and payment api usually have authentication.i think it is much easier if the counting is done by app server and stored in dedicated db tables rather than counted by LB.

niels_van_sluis · Answer

Yes, you can use an iRule for this. Check out this link:&nbsp;
https://clouddocs.f5.com/api/irules/Limit-the-number-of-HTTP-requests-by-a-client-within-a-specified-time.html
With a little modification this iRule should fit your goal.

Forum Discussion

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

2 Replies

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

F5 Health Monitor Receive String as JSON

Rewrite content in XML schema file.

DNS Request to VS?

Guide for exam 402 F5 Certified Solution Expert

HA pair when both Tenants reside on the same Velos chassis

Related Content

Protecting APIs with Access Policy Manager and custom iRules

Access policy, LTM policy and iRules

Getting Started with BIG-IP Next: Configuring Instance High Availability

Multiple Ways to Configure Usage Reporting in NGINX

Json parsing with iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS