Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Restrict domain access via host IP

TJ01
Nimbostratus
Nimbostratus

‎17-Nov-2021 03:10

HI Guys,

 

The requirement is to restrict site access via IP - I am trying to block access based on host value

 

Can someone please review and advise if the below event block will work.

 

when HTTP_REQUEST {

 if { [HTTP::header "host"] equals "10.x.x.x"}{

    log local0. "dropped"

    reject

   }

 }   

Labels:
0 Kudos
3 REPLIES 3

Enes_Afsin_Al
MVP
MVP

‎17-Nov-2021 04:11 - last edited on ‎04-Jun-2023 19:15 by Fog

Hi TJ01,

You can use [HTTP::header host] or [HTTP::host]

when HTTP_REQUEST {
	if { [HTTP::host] equals "10.11.12.13" } {
		log local0. "request dropped - Host: [HTTP::host] ClientIP: [IP::client_addr]"
		drop
	}
}

For access only with host "abc.example.com"

when HTTP_REQUEST {
	if { [HTTP::host] ne "abc.example.com" } {
		log local0. "request dropped - Host: [HTTP::host] ClientIP: [IP::client_addr]"
		drop
	}
}
0 Kudos

TJ01
Nimbostratus
Nimbostratus

‎23-Nov-2021 22:28

Thanks Enes -- Appreciate your help on this ...

 

if we choose to use code to allow the host with "abc.example.com" only .. will that include the header of "www. abc.example.com" or need to explicitly add it what that "and" statement would be ?

0 Kudos

Enes_Afsin_Al
MVP
MVP
In response to TJ01

‎24-Nov-2021 07:43 - last edited on ‎04-Jun-2023 19:15 by Fog

Hi TJ01,

It will not contain "www.abc.example.com". If want to match with www:

when HTTP_REQUEST {
	if { [HTTP::host] ne "abc.example.com" && [HTTP::host] ne "www.abc.example.com" } {
		log local0. "request dropped - Host: [HTTP::host] ClientIP: [IP::client_addr]"
		drop
		return
	}
}
0 Kudos
Copyright © 2023 Khoros, LLC