04-Aug-2021 19:58
Hi There,
I need help to write an iRule that will drop the request for any request after this uri:
/xyz/web/apx/ pass this request but anything after that uri need to drop the request ( drop /xyz/web/apx/*)
tried this but it is not working:
when HTTP_REQUEST {
if { [HTTP::uri] contains "/xyz/web/apx/*" } {
drop
}
Thank you in advance
Solved! Go to Solution.
05-Aug-2021 08:19 - last edited on 04-Jun-2023 19:21 by JimmyPackets
Hi AbuAhmad,
I missed something sorry. Could you please try below one:
when HTTP_REQUEST { if { [HTTP::uri] starts_with "/xyz/web/apx/" && not ([HTTP::uri] equals "/xyz/web/apx/") } { drop } }
View solution in original post
04-Aug-2021 22:26 - last edited on 04-Jun-2023 19:21 by JimmyPackets
If the uri starts with /xyz/web/apx then you can use the following irule:
when HTTP_REQUEST { if { [HTTP::uri] starts_with "/xyz/web/apx/" } { drop } }
Otherwise your irule is almost correct. Just remove the asteriks at the end of the uri.
Have a nice day.
05-Aug-2021 07:30
Thank you Oguzy for the quick response,
I tried this before but it drops the connection that I need to keep:
https://host.name.com/xyz/web/apx/ << need this to still function including the "/" at the end but anything after that "/" should be dropped.
Thats why I tried the "/*" as wildcard at the end as I don't have list of all the directories that comes after that but need to block all of them.
Any ideas will be highly appreciated.
06-Aug-2021 07:04
Thank you Oguzy so much for your help, this one worked as requested. I added to it "HTTP::respond 403" instead of "drop" to give a meaningful message.
The client came back saying they can't block everyone passed apx/ 😞
So I am going to use data groups to block certain directories until they provide the full list.
Thanks again for the help Oguzy.
