Prevent Banner grabbing in F5 via irule

Preet_pk · ‎10-Aug-2022

Hi,

We have multiple web applications running on a single Virtual server with host/domain based pool routing.

For eg:

red.lab.ae

blue.labe.ae

irule:

when HTTP_REQUEST {
switch [string tolower [HTTP::host]] {
red.lab.ae {
pool Red_Pool1 }

green.lab.ae {
pool Green_Pool1 }

}
}

Please let me know how to prevent banner gradding for only specific domain (for eg: green.lab.ae) in F5

Kowal45631 · ‎10-Aug-2022

I have the same problem with facing same issue but no response from anyone and couldn't find this topic troubleshooting in search engine.

Leslie_Hubertus · ‎24-Aug-2022

Did @JoshBecigneul's comment above help?

JoshBecigneul · ‎10-Aug-2022

Hi @Preet_pk

If I'm understanding your question correctly, one option could be to add a default branch to the switch statement and then call either the drop or reject commands. Another way would be to use HTTP::respond and send back a 404 Not Found which might be better for troubleshooting purposes.

Thanks,
Josh

Preet_pk · ‎11-Aug-2022

Hi,

Can you share complete irule syntax so as to test it.

JoshBecigneul · ‎24-Aug-2022

Hi @Preet_pk

That would look something like this with the addition of the default option. I commented the other two options. More info on the switch operator is here: https://clouddocs.f5.com/api/irules/switch.html

when HTTP_REQUEST {
  switch [string tolower [HTTP::host]] {
    red.lab.ae {
        pool Red_Pool1
    }
    green.lab.ae {
        pool Green_Pool1
    }
    default {
        drop
        # reject
        # HTTP::respond 404 content "Not Found" noserver
    }
  }
}

DevCentral

Prevent Banner grabbing in F5 via irule

Register For AppWorld 2024

F5 Receives Six Trust Radius
Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

DevCentral

Prevent Banner grabbing in F5 via irule

Register For AppWorld 2024

F5 Receives Six Trust Radius Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

F5 Receives Six Trust Radius
Best of 2023 Awards