Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Dec 17, 2014

Product Vulnerability Related to IIS

Hi Team,

We are providing web-based solution build on F5 to our customers and recently we found vulnerabilities related to IIS, For now Product Development team dont have any feature from their end in IIS 6.0 ver and to fix this, we need to block the below content from HTTP_REQUEST

/portal/content/English%5Cgeneric%5Creplacevars.asp?file=.htm/../../../../../../../../GlobalSettings.xml

Can you please guide us with the Irule please which can allow all and block this exact extension.

Thanks and Regards PZ

2 Replies

gsharri
Altostratus
Dec 17, 2014
You should be able to adapt the irule from this thread to your needs.
Mahmoud_Eldeeb_
Cirrostratus
Dec 17, 2014
using of iRule will allow you to block the portion you aim to

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Bram - January 2026 Featured Member

DevCentral News

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5