F5 ASM Rate limit Requests based on Source IP

BrianKiplagat · ‎18-Mar-2020

We have a situation where we would like to limit the number of requests form a particular IP to a web server seated behind ASM to 1 request per Source IP per second. Is this configuration option available via ASM configuration?

PeteWhite · ‎20-Mar-2020

The short answer is no - you can do that fairly easily via iRules and the table ie add a table entry with a 1 second lifetime and if the client IP is present then deny access

pseudocode:

when HTTP_REQUEST

if table entry

drop/respond

else

add entry to table

endif

endwhen

Do you want to do this for ALL clients or just a specific one?

DevCentral

F5 ASM Rate limit Requests based on Source IP