cancel
Showing results for 
Search instead for 
Did you mean: 

How can I allow few pages in a website and block all?

Sharath413
Nimbostratus
Nimbostratus
Hi F5 community, I am new to F5 and still learning the console. Few days ago I was asked to configure F5 to block all but few pages in a website. Our web link format is as follows: http://example.company.com:7077/pls/apex/f?p=769:9:0::NO:3:N6_COUNTY Static Portion                                    always              http://example.company.com:7077/pls/apex/f?p= Application Number                        for example    769 A list of colon separated items                                                                i.      Application Page                for example    :9                                                              ii.      Application Parameters    for example    :0::NO:3:N6_COUNTY,P3_TYPE,P3_SORT:3,A,R The requirement is to allow 6 applications(app numbers and everything to it's right in that URL) and block all requests. On F5, I am showing the URL as "/pls/apex/f" . I don't think I can achieve this by URL config. How can I get this working? Thank you.
3 REPLIES 3

Hi Sharath413,

when HTTP_REQUEST { if { not ([HTTP::uri] starts_with "/pls/apex/f?p=") } { drop } }

If you want to check entire uri, you can use regex.

https://clouddocs.f5.com/api/irules/matches_regex.html

Sharath413
Nimbostratus
Nimbostratus

 Thank you so much for your comment. It is really helpful but I'm new to iRules and so wondering if I can do the same with ASM security profile instead?

Please advise.

Ivan_Chernenkii
F5 Employee
F5 Employee

You need to do next:

1) Create all allowed URLs on "Security ›› Application Security : URLs : Allowed URLs : Allowed HTTP URLs" page

2) Remove pure wildcard (*) URL (if exists)

3) Enable Alarm and Block for "Illegal URL" violation

 

Thanks, Ivan