Forum Discussion

d_spider's avatar
d_spider
Icon for Altostratus rankAltostratus
Aug 27, 2021

Vulnerability Mitigation

Hello Mates, I am glad to be part of such a great community. From my last question’s response, I have learnt few new things. Today also, I have one query!   Few of our hosted URLs are affected w...
application delivery
BIG-IP
LTM
  • Mayur_Sutare's avatar
    Mayur_Sutare
    Aug 27, 2021

    Hi  ,

    Yes you can mitigate it (or restrict access to URLs using allowed domains ) using iRules also where you will allow request coming for specific domain/URL only. Below is the sample iRule where it is allowing all the requests coming for *.abc.com and *.xyz.com domains.

    Now here you can mentioned specific FQDNs as well e.g. mysite.abc.com or mysite.xyz.com. So its upto you how do you want to have your iRule. Additionally I have added statements to log the requests. This will give you visibility to the dropped requests as well. 

    when HTTP_REQUEST {
 
if {([HTTP::host] contains "abc.com") || 
    ([HTTP::host] contains "xyz.com")
   
} {
 
        log local0. "Allowed Hostname:[HTTP::host]"
} else {
 
    drop
    log local0. "“Invalid hostname: [HTTP::host]"
}
}

    Hope it helps!

d_spider's avatar
d_spider
Icon for Altostratus rankAltostratus
Aug 27, 2021

I tested the irule functionality in my test environment and it’s working as expected. It allows only request coming for specified domain. Thanks Mate for your help here! Appreciate it

Related Content