cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.
Nick_T_68319
Nimbostratus
Nimbostratus

Problem this snippet solves:

The following is an example of an iRule that will allow you to block a list of countries that are not allowed to access your web site.

$::country_block is a datagroup of a list of countries that should be blocked. (ie. US)

Uncomment the option you wish to use. You may drop the connection, reject, 403 response, or redirect them to a "We're sorry" page.

Uncomment the log line if you wish to log the IP addresses of the client's being blocked.

Code :

when HTTP_REQUEST {
    if { [matchclass [whereis [IP::client_addr] country] eq $::country_block] } {

       #Uncomment which block option you prefer to use.

       # Drop the connection 
       #drop 

       # Reset the connection 
       #reject 

       # Send a 403 response 
       HTTP::respond 403 Content {Not allowed}

       # Redirect somewhere else
       #HTTP::redirect "http://blah.com/sorry.html"

       #Uncomment the line below to turn on logging, comment with a # to turn off logging.

       #log local0.  "Blocked Country client IP: [IP::client_addr]"
    }
}
Version history
Last update:
‎17-Mar-2015 12:24
Updated by:
Contributors