The way you are trying to write policy will forward traffic to the specified vServer/pool when request is coming for *.testforce.com. So with such policy, vServer will forward traffic for rest domain requests to default pool if you have it on your vServer. This strategy will be more useful when you want to forward traffic for specific domain to the desired pool/vServer
for abc.testforce.com forward traffc to abc-pool
for xyz.testforce.com forward traffc to xyz-pool
Looking at your use case, I would recommend you to write policy to deny ttraffic which is not coming for desired domain e.g. *.testforce.com. This will be more easy to maintain.
And whenever you want to add few more domain into allow list, you can add it in the rule. Ref policy is attached.
Now when traffic will come for the desired domain, vServer will forward it to desired pool based on either default pool or iRule etc, depending upon how are you managing it.
Hope it helps!