Forum Discussion

Nimbostratus

Nov 17, 2021

Restrict domain access via host IP

HI Guys, The requirement is to restrict site access via IP - I am trying to block access based on host value Can someone please review and advise if the below event block will work. ...

MVP

Nov 17, 2021

Hi TJ01,

You can use [HTTP::header host] or [HTTP::host]

when HTTP_REQUEST {
	if { [HTTP::host] equals "10.11.12.13" } {
		log local0. "request dropped - Host: [HTTP::host] ClientIP: [IP::client_addr]"
		drop
	}
}

For access only with host "abc.example.com"

when HTTP_REQUEST {
	if { [HTTP::host] ne "abc.example.com" } {
		log local0. "request dropped - Host: [HTTP::host] ClientIP: [IP::client_addr]"
		drop
	}
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Restrict domain access via host IP

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

SSL Orchestrator Advanced Use Cases: Enabling GCloud Organization Restrictions

Restrict access to virtual server during specified time

add /browerWeb Extension after domain name

F5's Access Policy Manager the Access Proxy for Zero Trust Architectures

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS