Forum Discussion

Nimbostratus

Nov 17, 2021

Restrict domain access via host IP

HI Guys, The requirement is to restrict site access via IP - I am trying to block access based on host value Can someone please review and advise if the below event block will work. ...

MVP

Nov 17, 2021

Hi TJ01,

You can use [HTTP::header host] or [HTTP::host]

when HTTP_REQUEST {
	if { [HTTP::host] equals "10.11.12.13" } {
		log local0. "request dropped - Host: [HTTP::host] ClientIP: [IP::client_addr]"
		drop
	}
}

For access only with host "abc.example.com"

when HTTP_REQUEST {
	if { [HTTP::host] ne "abc.example.com" } {
		log local0. "request dropped - Host: [HTTP::host] ClientIP: [IP::client_addr]"
		drop
	}
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Restrict domain access via host IP

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

Managing iRules configuration

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

GRE Tunnel Issue

Related Content

Irule for restricting access

Office 365 Tenant Restrictions

Route Domains

Restricting access to a virtual server by Public IP address should access through only domain name.

F5 BIG-IP Zero Trust Access

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS