WebLogic Application Vulnerability Irule

Question

Hi Team,&nbsp;
We are using the below irule against a weblogic server application:&nbsp;
Irule for blocking weblogic urls to hosts.
when HTTP_REQUEST {
set uri [HTTP::uri]
set host [HTTP::host]
log local0. "Uri is [HTTP::uri]"
 if { $uri eq "/console" } {
        HTTP::redirect "http://$host"
        return&nbsp;
log local0. "matched URI [HTTP::uri]"
} elseif {[matchclass $uri contains $::wl_admin_paths]} {
        HTTP::redirect "http://$host"
        return
  } &nbsp;
}&nbsp;
where wl_admin_paths is a String Data-Group which is consisting of the below:&nbsp;
/Author
/login.workflow:Enter
/seapibroker
/sehelp
:Admin
:SiteStatus
seutil.workflow:workflowTester&nbsp;
So, will this Irule is basically blocking the URI contents which are mapped there ?
Kindly guide, not understanding this script much.&nbsp;
Thanks and Regards
Parveez&nbsp;

nitass · Answer

} elseif { [matchclass $uri contains $::wl_admin_paths] } {  
      HTTP::redirect "http://$host"  
      return  
}

if uri is in wl_admin_paths data group, send user http redirection root (

Forum Discussion

WebLogic Application Vulnerability Irule

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

SSL cipher

iApps with load ucs Platform-migrate on newer hardware

Raise your hand if you'll be at AppWorld 2026

Using Terraform to update / modify an existing iRule

getting compiling error when enabling Nginx App_potect

Related Content

Introducing the F5 Application Study Tool (AST)

Weblogic JSessionID Persistence

Mitigating OWASP Web Application Risk: Vulnerable & Outdated Components using F5 XC Platform

Mitigating OWASP Web Application Risk: Vulnerable and Outdated Components using F5 BIG-IP

OpenSSH vulnerability

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS