Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

sbrudolf1_14757's avatar
sbrudolf1_14757
Icon for Nimbostratus rankNimbostratus
May 22, 2014
Solved

Trouble with Exclusion URI iRule

I am trying to write an iRule that disabled APM if it see's a uri and does not see a session already exists. I have a working iRule of the opposite but i can't seem to get this working properly. Did ...
application delivery
BIG-IP Access Policy Manager (APM)
design
devops
irules
security
  • Cory_50405's avatar
    Cory_50405
    May 27, 2014

    Your latest iRule contains a capital letter in your match string. It'll never match since you are converting to lower case before comparison.

     

sbrudolf1_14757's avatar
sbrudolf1_14757
Icon for Nimbostratus rankNimbostratus
May 23, 2014

That works great, i ran into another issue though. For some reason, i can only enter one directory into the "/uri1". EX: If i enter starts_with "/helpdesk" Then anything behind that directory won't get APM as expected. If i enter "/helpdesk/webobjects" i would expect everything behind that directory not to get APM as long as there was no session cookie. For some reason, it is still getting APM.

 

I have verified with with the session cookie portion missing from the script too. A bug maybe? or is that the expected behavior.