I have requirement to block the traffic to a particular https path (Page) via iRule on WAF device in order to restrict the access of below url from all other geo location aspect Thailand country .
Can someone help on this. I have write below iRule.
when HTTP_REQUEST {
if { [string tolower [HTTP::uri]] equals "http://abc.com/job-request/" && [whereis [IP::client_addr] country] ne "TH" } {
14-Jul-202103:33 - last edited on 04-Jun-202319:22 by JimmyPackets
iRule looks fine with few modifcations to uri and closing braces. Also, please check with the requestor if it should be explicit URL "/job-request/" or wildcard (i.e anything after) "/job-request*".
If it's a wildcard, replace "eq" with "starts_with"
when HTTP_REQUEST {
if { ([string tolower [HTTP::uri]] eq "/job-request") and ([whereis [IP::client_addr] country] ne "TH") } {
drop
} else {
return
}
}
/"/job-request" is specific path which needs to be restricted. So could you please advise if eq is suffice the needs or shall this change to starts_with ?
Since your iRule has use "ne" (not equal) operator for checking the Country, it's dropping on first condition. You can modify the operator to check just for TH country using "eq" operator to drop on else condition. Both should be fine.
