How can I allow few pages in a website and block all?

Sharath413 · ‎29-Jan-2021

Hi F5 community,

I am new to F5 and still learning the console. Few days ago I was asked to configure F5 to block all but few pages in a website. Our web link format is as follows:
http://example.company.com:7077/pls/apex/f?p=769:9:0::NO:3:N6_COUNTY
Static Portion                                    always              http://example.company.com:7077/pls/apex/f?p=
Application Number                        for example    769
A list of colon separated items
                                                               i.      Application Page                for example    :9
                                                             ii.      Application Parameters    for example    :0::NO:3:N6_COUNTY,P3_TYPE,P3_SORT:3,A,R

The requirement is to allow 6 applications(app numbers and everything to it's right in that URL) and block all requests. On F5, I am showing the URL as "/pls/apex/f" . I don't think I can achieve this by URL config. How can I get this working?

Thank you.

Enes_Afsin_Al · ‎29-Jan-2021

Hi Sharath413,

when HTTP_REQUEST {
	if { not ([HTTP::uri] starts_with "/pls/apex/f?p=") } {
		drop
	}
}

If you want to check entire uri, you can use regex.

https://clouddocs.f5.com/api/irules/matches_regex.html

Sharath413 · ‎01-Feb-2021

Thank you so much for your comment. It is really helpful but I'm new to iRules and so wondering if I can do the same with ASM security profile instead?

Please advise.

Ivan_Chernenkii · ‎19-Feb-2021

You need to do next:

1) Create all allowed URLs on "Security ›› Application Security : URLs : Allowed URLs : Allowed HTTP URLs" page

2) Remove pure wildcard (*) URL (if exists)

3) Enable Alarm and Block for "Illegal URL" violation

Thanks, Ivan

DevCentral

How can I allow few pages in a website and block all?

Khoros Kudos Award 2022