Forum Discussion

Nimbostratus

Jun 27, 2022

Whitelist IP in F5 based on URL

Hi All, I have a public domain which is exposing several APIs and being accessed by many partners. This state should remain as-is. Now, there is another API which should only be accessed by IPs whi...

security

Mayur_Sutare

MVP

Jun 28, 2022

Hi gauravk ,

You can try below iRule. Here "Allow-List" is a IP type of DataGroup.

when HTTP_REQUEST {
if {[HTTP::uri] eq "/path/to/api1"} {
if {![class match [IP::client_address] equals Allow-List]} {
HTTP::respond 403 content "<html><body>Access not permitted</body></html>" Connection Close
TCP::close
}
}
}

Hope it helps!

gauravk
Nimbostratus
Jun 29, 2022
Thanks Mayur_Sutare
I will try this solution. May I know what is the difference between client_address and remote_addr. which one should be used ideally to get the client IP in order to be used in IP whitelisting.
Regards Gaurav

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Whitelist IP in F5 based on URL

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

ASM block all whitelisted urls and parameters in standby device

Whitelisting access to URLs based on specific IPs

url redirect

iRule based RADIUS Health Monitor Builder

iRule based RADIUS Server Stack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS