Forum Discussion
Vulnerability Mitigation
- Aug 27, 2021
Hi ,
Yes you can mitigate it (or restrict access to URLs using allowed domains ) using iRules also where you will allow request coming for specific domain/URL only. Below is the sample iRule where it is allowing all the requests coming for *.abc.com and *.xyz.com domains.
Now here you can mentioned specific FQDNs as well e.g. mysite.abc.com or mysite.xyz.com. So its upto you how do you want to have your iRule. Additionally I have added statements to log the requests. This will give you visibility to the dropped requests as well.
when HTTP_REQUEST { if {([HTTP::host] contains "abc.com") || ([HTTP::host] contains "xyz.com") } { log local0. "Allowed Hostname:[HTTP::host]" } else { drop log local0. "“Invalid hostname: [HTTP::host]" } }
Hope it helps!
You should see logged hostnames at path - /var/log under ltm files.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com