Forum Discussion
Alfonso_Santia2
Altostratus
Hello Daniel,
Thanks for your reply. Will try this out but gave caution to customer as well.
What do you suggest how best to go about this requirement - allow only the access through mobile app (iPhone and Android) ?
jaikumar_f5
Jan 20, 2021MVP
I assume even with APM, its still going to check the user-agent variable & thats going to validate against if it contains "iPhone" or "android" as such. I think WAF would have this advanced detection.
But if the requirement is to allow mobile users alone, then the Irule should work. Anyone who knows to tamper the header, can still get the data.
Is the application internal or external facing ?