Forum Discussion
Sushant
Apr 02, 2021Altostratus
Restricting direct access from public IP
My website that resides under BIG IP F5 can directly be opened making use of public IP. As my site is one to one NAT'd and and one application under one public IP it can directly be opened using publ...
- Apr 03, 2021
If you VIP hosts single domain then use this to whitelist it
when HTTP_REQUEST { switch [string tolower [HTTP::host]] { "www.domain.com" { return } default { reject } } }
If VIP hosts multiple domains/SAN use below to whitelist all
when HTTP_REQUEST { switch [string tolower [HTTP::host]] { "www.domain1.com" - "www.domain2.com" - "www.domain3.com" { return } default { reject } } }
Sushant
Altostratus
- when HTTP_REQUEST {
- if { [HTTP::header "Host"] equals " " } {
- reject
- }
- }
tryin to use this irule without any success
spalande
Apr 03, 2021Nacreous
If you VIP hosts single domain then use this to whitelist it
when HTTP_REQUEST {
switch [string tolower [HTTP::host]] {
"www.domain.com"
{
return
}
default {
reject
}
}
}
If VIP hosts multiple domains/SAN use below to whitelist all
when HTTP_REQUEST {
switch [string tolower [HTTP::host]] {
"www.domain1.com" -
"www.domain2.com" -
"www.domain3.com"
{
return
}
default {
reject
}
}
}
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects