Forum Discussion

d_spider's avatar
d_spider
Icon for Altostratus rankAltostratus
Aug 27, 2021

Vulnerability Mitigation

Hello Mates, I am glad to be part of such a great community. From my last question’s response, I have learnt few new things. Today also, I have one query!   Few of our hosted URLs are affected w...
application delivery
BIG-IP
LTM
  • Mayur_Sutare's avatar
    Mayur_Sutare
    Aug 27, 2021

    Hi  ,

    Yes you can mitigate it (or restrict access to URLs using allowed domains ) using iRules also where you will allow request coming for specific domain/URL only. Below is the sample iRule where it is allowing all the requests coming for *.abc.com and *.xyz.com domains.

    Now here you can mentioned specific FQDNs as well e.g. mysite.abc.com or mysite.xyz.com. So its upto you how do you want to have your iRule. Additionally I have added statements to log the requests. This will give you visibility to the dropped requests as well. 

    when HTTP_REQUEST {
 
if {([HTTP::host] contains "abc.com") || 
    ([HTTP::host] contains "xyz.com")
   
} {
 
        log local0. "Allowed Hostname:[HTTP::host]"
} else {
 
    drop
    log local0. "“Invalid hostname: [HTTP::host]"
}
}

    Hope it helps!

d_spider's avatar
d_spider
Icon for Altostratus rankAltostratus
Aug 27, 2021

I really appreciate your quick response on this. I will try this irule under my test environment and update you. Just one query, where will the logged requests available to verify?

Related Content