Forum Discussion
Whitelist IP in F5 based on URL
Hi All,
I have a public domain which is exposing several APIs and being accessed by many partners. This state should remain as-is.
Now, there is another API which should only be accessed by IPs which are in my whitelist IPs list without any impact to above mentioned API traffic.
For example:
[1] /path/to/api1 -- > can only be accessed by IP1 , IP2, IP3...
[2] other apis --> no restriction
Hi gauravk ,
You can try below iRule. Here "Allow-List" is a IP type of DataGroup.
when HTTP_REQUEST { if {[HTTP::uri] eq "/path/to/api1"} { if {![class match [IP::client_address] equals Allow-List]} { HTTP::respond 403 content "<html><body>Access not permitted</body></html>" Connection Close TCP::close } } }
Hope it helps!
- gauravkNimbostratus
Thanks Mayur_Sutare
I will try this solution. May I know what is the difference between client_address and remote_addr. which one should be used ideally to get the client IP in order to be used in IP whitelisting.
Regards Gaurav
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com