Forum Discussion
Reverse Proxy iRule to restrict the access on IP
Hi,
I have a Virtual Server setup with SSL (client and Server) Profile.
Virtual Server : https://abc.com
There is an extension to this URL for a specific application https://abc.com/iauth-token. I want to setup a reverse proxy setup where
From ANY to https://abc.com - Allow
From 1.1.1.1/32 to https://abc.com/iauth-token - Allow
From ANY to https://abc.com/iauth-token - DENY.
Is that possible with URI based restriction with iRule and how can that be done?
Hello,
First create one DataGroup list of IP addresses to be allowed and map it under Below iRule.
when HTTP_REQUEST {
if {[HTTP::uri] eq "/iauthtoken"}
{
if {not ([class match [IP::client_addr] equals Allow-List])} {
HTTP::respond 403 content "<html><body>Access not permitted</body></html>" Connection Close
TCP::close
}
}
}
Above iRule will allow access to mentioned URI from addresses which are part of Allow-List data group. Rest traffic should work w/o any issue.
Hope it works!
Mayur
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com