Forum Discussion

ReynaldoQ_14206's avatar
ReynaldoQ_14206
Icon for Nimbostratus rankNimbostratus
Jan 10, 2018

Need an iRule to stop LTM from responding to https via IP address

We have a site that is responding to and this is oustdie of our access standards. How do write an iRule to restrich such access.

 

BIG-IP
LTM
security
  • kolom_265617's avatar
    kolom_265617
    Icon for Cirrostratus rankCirrostratus
    Jan 10, 2018

    Hello ReynaldoQ,

    You can try the following iRule , i specified here the action as reject. you can change it to drop , redirect to another host , or return a specific HTTP response.

    when HTTP_REQUEST {
if { !([string tolower [HTTP::host]] equals "test.com")}{
reject
}
}
  • kolom's avatar
    kolom
    Icon for Altostratus rankAltostratus
    Jan 10, 2018

    Hello ReynaldoQ,

    You can try the following iRule , i specified here the action as reject. you can change it to drop , redirect to another host , or return a specific HTTP response.

    when HTTP_REQUEST {
if { !([string tolower [HTTP::host]] equals "test.com")}{
reject
}
}
  • StuKirby_233899's avatar
    StuKirby_233899
    Icon for Altostratus rankAltostratus
    Jan 11, 2018

    Hello

    You could also specify the URI must have letters in:

    when HTTP_REQUEST { 

      Check if the host header contains one or more alpha characters  
 if {not ([string match -nocase {*[a-z]*} [HTTP::host]])}{  

     Host was either empty or an IP address, drop the request 
    drop 
 }

    }