Greg_33932
Apr 17, 2015

Need an extra pair of eyes on my iRule please - Block access to specific URI path

I'm attempting to prevent users from accessing a folder/page externally and it appears that this blocks for most, however the app team says that they can still get to it sometimes. I cannot reproduce it, was hoping I could get an extra pair of eyes on it as I cannot reproduce it with IE or FireFox but they sent me a screenshot with the page loaded with the full url/uri in the path so I might be missing something.

 

I have asked how, and am awaiting a response on how they are actually reproducing and getting to it. It sounds like they are using Firefox and somehow still able to get to it.

 

Thanks all!

 

Code:

 

when HTTP_REQUEST {
    set lower_uri [string tolower [HTTP::uri]]

    # Define the variables
    set uri1 "/uricodeunwantedbyexternal/"
    set srvpool "www.xyz.com"
    set redirect_path "https://www.xyz.com"

    if { $lower_uri starts_with $uri1 } {
        # Blocked prefix: log and redirect to the site root
        log local0. "blocked $uri1 contains; redirecting traffic [HTTP::uri]"
        HTTP::redirect $redirect_path
    } else {
        # Else, pass request
        log local0. "External user and uri does not match allowed uri's [HTTP::uri]"
        pool $srvpool
    }
}

2 Replies

  • Hi, I have discounted your logging so in basic terms, couldn't you do something more simple like...

     

    when HTTP_REQUEST {
        if { [string tolower [HTTP::uri]] contains "/uricodeunwantedbyexternal/" } {
            HTTP::redirect "https://www.xyz.com"
        }
    }

     

    If you have a default pool you shouldn't need the pool statement. Also, removing the set statements should free up resources.

     

  • Thanks for the response, I'll give that a try and see if a simpler one resolves it. I have to do it in the DR region when I can find some time and do a request for prod, so won't be a quick response. I'll share my findings, Thanks jdamotta!
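
An added example, not part of the original posts and not F5's own code: both rules above compare the raw HTTP::uri, so a request whose path is percent-encoded or contains ./, ../, backslashes or doubled slashes does not match the literal string even when the web server resolves it to the same folder. The iRule below normalizes the path before comparing and logs the raw form of every blocked request; the three-pass decode limit and the log format are assumptions, and the path and redirect target are the ones from the thread.

```tcl
when HTTP_REQUEST {
    # Blocked prefix and redirect target, as used in the thread.
    set blocked "/uricodeunwantedbyexternal/"
    set redirect_to "https://www.xyz.com"

    # Work on the path only, so the query string cannot affect the match.
    set path [string tolower [HTTP::path]]

    # Percent-decode until the value stops changing, so single and double
    # encoding both collapse to the plain characters. Capped at three
    # passes (assumption) to bound the work done per request.
    for { set i 0 } { $i < 3 } { incr i } {
        set decoded [string tolower [URI::decode $path]]
        if { $decoded eq $path } { break }
        set path $decoded
    }

    # Some servers treat a backslash as a path separator.
    set path [string map [list "\\" "/"] $path]

    # Rebuild the path segment by segment: drop empty and "." segments,
    # and let ".." remove the segment before it.
    set segs [list]
    foreach seg [split $path "/"] {
        if { $seg eq "" || $seg eq "." } { continue }
        if { $seg eq ".." } {
            set segs [lrange $segs 0 end-1]
            continue
        }
        lappend segs $seg
    }

    # A trailing slash is always appended, so a request for the folder
    # name without its slash is matched as well.
    set norm "/[join $segs "/"]/"

    if { $norm starts_with $blocked } {
        # Log the raw URI next to the normalized one: the raw value shows
        # which spelling of the path reached the virtual server.
        log local0. "blocked [IP::client_addr] raw=[HTTP::uri] normalized=$norm"
        HTTP::redirect $redirect_to
        return
    }
    # No pool command: requests that do not match go to the default pool.
}
```

Comparing the raw= values in the log with the URL in the app team's screenshot shows whether the request they reproduce with reaches this virtual server at all.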