minnoce944
Jun 24, 2014Nimbostratus
denying access except for specific domains and paths
Hi, i have requirements to lock down specific domains and paths unless they are valid. This VIP has multiple domain names pointing at it so i'm trying to cover all possible conditions. I have something i've put together, but i wanted to see is this can be done more elegant / more efficient.
Condition 1: domain can be anything except img.domain.com but has to start with /path1/, otherwise issue a 403 Condition 2: domain has to be img.domain.com and start with /path2/, otherwise issue a 403 Condition 3: domain has to be img.domain.com and start with /path3/, otherwise issue a 403
Here is what i've came up with so far:
when HTTP_REQUEST {
if { not ([string tolower [HTTP::uri]] starts_with "/path1/") and not ([HTTP::host] eq "img.domain.com") } {
HTTP::respond 403
}
if { (not ([string tolower [HTTP::uri]] starts_with "/path2/")) or (not ([string tolower [HTTP::uri]] starts_with "/path3/")) and ([HTTP::host] eq "img.domain.com") } {
HTTP::respond 403
}
}
Thanks