cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

How do I block a user access to a directory within my website?

Sharath413
Nimbostratus
Nimbostratus

I'm running ASM in 15.1.2.

How do I block a user access to a directory within my website? For eg: I want to allow all URLs on my website but wp-content/uploads/testfolder/forms/*

As shown above, I want to block anything that is in that specific folder.

 

Can I do it using disallowed URLs setting?

1 ACCEPTED SOLUTION

Hi Sharath413,

 

Yes, you can use disallowed URLs policy for ASM.

https://support.f5.com/csp/article/K29418033#p2

 

Or iRule:

when HTTP_REQUEST { if { [HTTP::uri] starts_with "/wp-content/uploads/testfolder/forms/" && [IP::client_addr] ne "your_ip_address" } { drop } }

 

View solution in original post

2 REPLIES 2

Hi Sharath413,

 

Yes, you can use disallowed URLs policy for ASM.

https://support.f5.com/csp/article/K29418033#p2

 

Or iRule:

when HTTP_REQUEST { if { [HTTP::uri] starts_with "/wp-content/uploads/testfolder/forms/" && [IP::client_addr] ne "your_ip_address" } { drop } }

 

Sharath413
Nimbostratus
Nimbostratus

 I have added the URL along with a wildcard at the end in config utility. It seems to be working as desired. I had to enable block and alarm in learning and blocking settings.