Forum Discussion

Nimbostratus

Apr 19, 2010

Rejecting HTTP request

Hello there, I'm trying to reject a http request when it's containing a special string, but it doesn't work. Please have a look at my rule: when HTTP_REQUEST { if {...

Cirrostratus

Apr 19, 2010

Hi Manu,

Yes, if the string you're looking for is in the query string you could check HTTP::uri (which is the path and query string) or be more precise and check only the query string using HTTP::query.

You might also want to set the query string to lower case and URI decode it before checking for the string to ensure a malicious user can't obfuscate the string in their request (%4d%79%53%74%72%69%6e%67 is "MyString" URI encoded).

See the wiki pages for details:

http://devcentral.f5.com/wiki/default.aspx/iRules/http__query

http://devcentral.f5.com/wiki/default.aspx/iRules/http__uri

http://devcentral.f5.com/wiki/default.aspx/iRules/http__path

http://devcentral.f5.com/wiki/default.aspx/iRules/uri__decode

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Rejecting HTTP request

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

F5 HTTPS Redirect 2025

APM HTTP Connector request and HTTP Headers

HTTP Request Throttle

Handling HTTP Requests on an HTTPS Virtual Server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS