Forum Discussion

d_spider's avatar
Icon for Altostratus rankAltostratus
Aug 27, 2021

Vulnerability Mitigation

Hello Mates, I am glad to be part of such a great community. From my last question’s response, I have learnt few new things. Today also, I have one query!   Few of our hosted URLs are affected w...
  • Mayur_Sutare's avatar
    Aug 27, 2021

    Hi  ,

    Yes you can mitigate it (or restrict access to URLs using allowed domains ) using iRules also where you will allow request coming for specific domain/URL only. Below is the sample iRule where it is allowing all the requests coming for * and * domains.

    Now here you can mentioned specific FQDNs as well e.g. or So its upto you how do you want to have your iRule. Additionally I have added statements to log the requests. This will give you visibility to the dropped requests as well. 

    when HTTP_REQUEST {
    if {([HTTP::host] contains "") || 
        ([HTTP::host] contains "")
    } {
            log local0. "Allowed Hostname:[HTTP::host]"
    } else {
        log local0. "“Invalid hostname: [HTTP::host]"

    Hope it helps!