Forum Discussion

Nimbostratus

Mar 02, 2010

Restrict Access to URI based on Source IP

I'm new on the iRule side of things so would appreciate some help. Is it possible to restrict access to a particular URI on our public website (not the whole of the website) to a range ...

Cirrostratus

Mar 02, 2010

Hi Dave,

It's possible, but not effective as the URI check in an iRule can't handle the various obfuscation methods an attacker could use to bypass the validation. If you did try to normalize all the potential obfuscation techniques, you'd probably end up with a resource hog of an iRule.

See this post for details:

http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&tpage=1&view=topic&postid=3090031324

I should note that you can normalize the URI using an app firewall like ASM or validation on the webservers themselves.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Restrict Access to URI based on Source IP

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Is it possible to create a Single Pool with multiple ports ?

F5 object groups in AFM

Round-robin method not load balanced

F5 ASM with fortisandbox

Disabling signature for a URL

Related Content

Irule for restricting access

Office 365 Tenant Restrictions

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

Phishing, Malware, Breach and Open-Source Security

Zero Trust Application Access for Federal Agencies

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS