We have our website abc.com and we would like to block the specific like abc.com/123/ which access from Japan. I try to find some trick to write the iRule but it's not access. Anybody here can me on this? I tried something like the iRule below but it still no luck.
when HTTP_REQUEST {
if { [HTTP::header exists "X-Forwarded-For"] } {
set client_ip [HTTP::header value "X-Forwarded-For"]
set fromCountry [whereis $client_ip country]
if { ( [class match $fromCountry equals example_datagroup]) }{
log local0. "Attacker IP in XFF [HTTP::header X-Forwarded-For]" ;# This can be removed/commented out if not required
HTTP::respond 403 content "Blocked!" ;# This can also be changed to drop or reject based on the requirement
03-Dec-202007:32 - last edited on 04-Jun-202321:10 by JimmyPackets
Try below iRule. Hope it will work for you.. thanks
when HTTP_REQUEST {
set fromCountry [whereis [IP::client_addr] country]
if { ([class match $fromCountry equals example_datagroup]) && ([HTTP::uri]] starts_with "/abc") } {
log local0. "Attacker IP in XFF [HTTP::header X-Forwarded-For]" ;# This can be removed/commented out if not required
HTTP::respond 403 content "Blocked!" ;# This can also be changed to drop or reject based on the requirement
}
}
Are you trying to block access based on a URL, such as abc.com/123/, or are you trying to block access based on the client's geolocation, as determined by the IP address provided in the HTTP X-Forwarded-For header?
