Subsite ACL (Exception)

Question

I have a working irule that blocks access to a subsite of a website based on a IP address.  I would however like to add to the rule an exception url.  for instance all access is blocked to /admin but i would like a folder behind /admin to be able to be accessed.  Lets call that folder /upload.

jason_40769 · Answer

Here is the iRule 
&nbsp;  
&nbsp;  when HTTP_REQUEST { 
&nbsp;     if { [class match [string tolower [HTTP::uri]] contains subsite] and ![class match [IP::client_addr] eq allow] } { 
&nbsp;   discard } 
&nbsp; }

chris_miller · Answer

when HTTP_REQUEST {
if { [class match [string tolower [HTTP::uri]] contains subsite] and !([[string tolower [HTTP::uri]] contains "/admin/upload") and ![class match [IP::addr [IP::client_addr]] eq allow] } {
discard }
}

Should do it.

the_bhattman · Answer

Hi Jason, 
   You could also provide some information to the clients when they are denied access 
  
 Here is the one modified from Chris' 
 
when HTTP_REQUEST {
     if { [class match [string tolower [HTTP::uri]] contains subsite] and !([[string tolower [HTTP::uri]] contains "/admin/upload") and ![class match [IP::addr [IP::client_addr]] eq allow] }
       {
            HTTP::respond 200 content "Forbidden Redirect From Remote Server\Acess is forbidden" 
        }

}

I hope this helps 
 Bhattman

Forum Discussion

Subsite ACL (Exception)

Recent Discussions

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

Inquiry About the "ast-api-discovery" Repository

Related Content

Protect your applications using F5’s Distributed Cloud and Fast ACL’s

ASM IP Exceptions

Ansible Error: An exception occurred during task execution

iControl 101 - #05 - Exceptions

except ip from asm logging

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS