For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Cpet's avatar
Cpet
Icon for Altocumulus rankAltocumulus
Jul 29, 2019

Security issue - Oracle Identity System Administration login screen is exposed to public

Hi to all,   I have a cluster with 2 Big-IP VM ver13.1 .A VS has the role to load balanced OAM.I discovered that the Oracle Identity System Administration login screen is exposed to public.I foun...
BIG-IP
iRules
security
iaine's avatar
iaine
Icon for Nacreous rankNacreous
Jul 29, 2019

Hi

You should be able to put all of the logic into the HTTP_REQUEST event, something like...

when HTTP_REQUEST {
	if { [string tolower [HTTP::uri]] starts_with "/restricted-uri" }{
	if {not [IP::addr [IP::client_addr] equals 10.0.0.0/8]} {
		drop
		}
	}
}
Cpet's avatar
Cpet
Icon for Altocumulus rankAltocumulus
Jul 29, 2019

Hi iaine,

Thanks for your prompt reply.

 

So you suggest to use http_request iRule and i will agree.

I must create 2 iRules regarding to allow 2 networks?