Reverse Proxy iRule to restrict the access on IP

Question

Hi,I have a Virtual Server setup with SSL (client and Server) Profile.&nbsp;Virtual Server : https://abc.com&nbsp;There is an extension to this URL for a specific application https://abc.com/iauth-token. I want to setup a reverse proxy setup where&nbsp;From ANY to https://abc.com - AllowFrom 1.1.1.1/32 to https://abc.com/iauth-token - AllowFrom ANY to https://abc.com/iauth-token - DENY.&nbsp;Is that possible with URI based restriction with iRule and how can that be done?&nbsp;&nbsp;&nbsp;&nbsp;

mayur_sutare · Answer

Hello,&nbsp;First create one DataGroup list of IP addresses to be allowed and map it under Below iRule.&nbsp;when HTTP_REQUEST {if {[HTTP::uri] eq "/iauthtoken"}&nbsp;{if {not ([class match [IP::client_addr] equals Allow-List])} {HTTP::respond 403 content "&lt;html&gt;&lt;body&gt;Access not permitted&lt;/body&gt;&lt;/html&gt;" Connection CloseTCP::close}}}&nbsp;Above iRule will allow access to mentioned URI from addresses which are part of Allow-List data group. Rest traffic should work w/o any issue.&nbsp;Hope it works!Mayur

Forum Discussion

Reverse Proxy iRule to restrict the access on IP

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

Irule for restricting access

Office 365 Tenant Restrictions

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

Restricting direct access from public IP

Restrict Access to Exchange Administrative Center - Enhanced

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS