Forum Discussion

Altostratus

Apr 25, 2024

Need help on i-rule to specific uri path

Hello All, I'm working on an i-rule that I need to do the following; given a set of specific source ip addresses, only allow access to specific uris of /ws/rest/external*. I set the specific...

Ret. Employee

Apr 26, 2024

The insecure HTTPS message is very unlikely to have been caused by your iRule - most likely it is because the server IP/name you are going to in order to reach the Virtual Server does not match the CN in the SSL certificate returned by the pool member.

Regarding the iRule; I strongly suggest using [HTTP::uri -normalized] to ensure that your iRule cannot be bypassed by encoding slashes or other bypasses (e.g. //, //./, %2F etc) (everyone should be doing this, really!). Other than that, Sanjay's rule above should be more efficient.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Need help on i-rule to specific uri path

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

i-rule header insert - APM

APM-Specific Features for Securing Your Website

I-rule for adapt request "response page"

Disabling Specific Weak Cipher Suites

CLI syntax to change i-rule order

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS