Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

IRule to block URL/URI from Data Group

kgaigl
Cirrostratus
Cirrostratus

‎14-Dec-2022 22:45

Hello,

we've a VS with about 20 URLs, now I've to block Login-Sites dor the most but not all URL's, for eg:

www.somesite1.org/login

www.somesite2.org/member

www.somesite2.org/login

I'd like to put all the Adresses (about 30-40) in a Data Droup List with strings and reference this List in a IRule with a Respond like "HTTP::respond 403"

Could you help me with a Syntax? Should be Case insensitive.

Thank you

Labels:
0 Kudos
5 REPLIES 5

mihaic
MVP
MVP

‎15-Dec-2022 00:00

here is an example:

ltm data-group internal example_uri {
records {
login { }
member { }
}
type string
}

when HTTP_REQUEST {
if {[matchclass [string tolower [HTTP::uri]] contains example_uri]}{
HTTP::respond 403 content "You don't have authorization to view this page. Access Denied" noserver Content-Type text/html Connection Close Cache-Control no-cache
log local0. "deny URI: [HTTP::uri]"
}
}

0 Kudos

kgaigl
Cirrostratus
Cirrostratus

‎15-Dec-2022 00:11

Hi  mihaic,

thank you, but I need always the combination of [HTTP::host] and [HTTP::uri], becaus on some hosts the URI "login" should be allowed.

I guess the Data Group file I can manage, but the Syntax of the combination [HTTP::host] and [HTTP::uri] I'm not shure

0 Kudos

mihaic
MVP
MVP

‎15-Dec-2022 00:24

when HTTP_REQUEST {
if { ([HTTP::host] == "www.xyz.com") and ([matchclass [string tolower [HTTP::uri]] contains example_uri]) }{
HTTP::respond 403 content "You don't have authorization to view this page. Access Denied" noserver Content-Type text/html Connection Close Cache-Control no-cache
log local0. "deny URI: [HTTP::uri]"
}
}

0 Kudos

kgaigl
Cirrostratus
Cirrostratus

‎15-Dec-2022 01:06

Hi mihaic

with

when HTTP_REQUEST {
if { [class match [string tolower [HTTP::host][HTTP::uri]] equals BLOCK_LOGIN_SITES] } {
HTTP::respond 403
}
}

it's working

thank you

0 Kudos

CA_Valli
MVP
MVP

‎15-Dec-2022 01:32

Hi @kgaigl , 

this should work. Note that I'm not putting URI in lowercase so /login and /LOGIN will require two different matches (they would be two different URLs indeed anyways) 

 

when HTTP_REQUEST {
 set req "[string tolower [HTTP::host]][HTTP::uri]"
 if {[class match $req eq unallowed_datagroup]}{ HTTP::respond 403 }
}
ltm data-group internal unallowed_datagroup {
    records {
        www.somesite1.org/login { }
        www.somesite2.org/member { }
        www.somesite2.org/login { }
    }
    type string
}

 

CA_Valli_0-1671096742185.png

 

0 Kudos
Copyright © 2023 Khoros, LLC