Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Reverse Proxy iRule to restrict the access on IP

Anis_Bhambhani
Nimbostratus
Nimbostratus

‎04-Jun-2020 04:23

Hi,

I have a Virtual Server setup with SSL (client and Server) Profile.

 

Virtual Server : https://abc.com

 

There is an extension to this URL for a specific application https://abc.com/iauth-token. I want to setup a reverse proxy setup where

 

From ANY to https://abc.com - Allow

From 1.1.1.1/32 to https://abc.com/iauth-token - Allow

From ANY to https://abc.com/iauth-token - DENY.

 

Is that possible with URI based restriction with iRule and how can that be done?

 

 

 

 

Labels:
0 Kudos
1 REPLY 1

Mayur_Sutare
MVP
MVP

‎04-Jun-2020 07:49

Hello,

 

First create one DataGroup list of IP addresses to be allowed and map it under Below iRule.

 

when HTTP_REQUEST {

if {[HTTP::uri] eq "/iauthtoken"} 

{

if {not ([class match [IP::client_addr] equals Allow-List])} {

HTTP::respond 403 content "<html><body>Access not permitted</body></html>" Connection Close

TCP::close

}

}

}

 

Above iRule will allow access to mentioned URI from addresses which are part of Allow-List data group. Rest traffic should work w/o any issue.

 

Hope it works!

Mayur

0 Kudos
Copyright © 2022 Khoros, LLC