04-Feb-2021 12:23
I'm running ASM in 15.1.2.
How do I block a user access to a directory within my website? For eg: I want to allow all URLs on my website but wp-content/uploads/testfolder/forms/*
As shown above, I want to block anything that is in that specific folder.
Can I do it using disallowed URLs setting?
Solved! Go to Solution.
04-Feb-2021
12:51
- last edited on
04-Jun-2023
21:04
by
JimmyPackets
Hi Sharath413,
Yes, you can use disallowed URLs policy for ASM.
https://support.f5.com/csp/article/K29418033#p2
Or iRule:
when HTTP_REQUEST {
if { [HTTP::uri] starts_with "/wp-content/uploads/testfolder/forms/" && [IP::client_addr] ne "your_ip_address" } {
drop
}
}
04-Feb-2021
12:51
- last edited on
04-Jun-2023
21:04
by
JimmyPackets
Hi Sharath413,
Yes, you can use disallowed URLs policy for ASM.
https://support.f5.com/csp/article/K29418033#p2
Or iRule:
when HTTP_REQUEST {
if { [HTTP::uri] starts_with "/wp-content/uploads/testfolder/forms/" && [IP::client_addr] ne "your_ip_address" } {
drop
}
}
04-Feb-2021
12:59
- last edited on
24-Mar-2022
02:13
by
li-migration
I have added the URL along with a wildcard at the end in config utility. It seems to be working as desired. I had to enable block and alarm in learning and blocking settings.