29-Dec-2020 09:26
I need to create iRule to block client IP if it met below condition :
then i want to block this IP for 1 hour and after 1 hour the IP should be unblocked .
is it possible to do this?
29-Dec-2020 13:43
Hello Blue.
You can react to a ASM violation using an iRule. Some examples:
https://support.f5.com/csp/article/K15573541
https://support.f5.com/csp/article/K37744422
After that you could include that IP into a table variable with one hour of timeout. This table would be checked everytime you receive a request. I did a similar iRule here:
https://devcentral.f5.com/s/articles/iRule-for-Brute-Force-Password-Guessing-Attacks?page=6
Regards,
Dario.