d_spider
Aug 27, 2021Altostratus
Solved
Vulnerability Mitigation
Hello Mates, I am glad to be part of such a great community. From my last question’s response, I have learnt few new things. Today also, I have one query! Few of our hosted URLs are affected w...
- Aug 27, 2021
Hi ,
Yes you can mitigate it (or restrict access to URLs using allowed domains ) using iRules also where you will allow request coming for specific domain/URL only. Below is the sample iRule where it is allowing all the requests coming for *.abc.com and *.xyz.com domains.
Now here you can mentioned specific FQDNs as well e.g. mysite.abc.com or mysite.xyz.com. So its upto you how do you want to have your iRule. Additionally I have added statements to log the requests. This will give you visibility to the dropped requests as well.
when HTTP_REQUEST { if {([HTTP::host] contains "abc.com") || ([HTTP::host] contains "xyz.com") } { log local0. "Allowed Hostname:[HTTP::host]" } else { drop log local0. "“Invalid hostname: [HTTP::host]" } }
Hope it helps!