Forum Discussion

d_spider's avatar
d_spider
Icon for Altostratus rankAltostratus
Aug 27, 2021
Solved

Vulnerability Mitigation

Hello Mates, I am glad to be part of such a great community. From my last question’s response, I have learnt few new things. Today also, I have one query!   Few of our hosted URLs are affected w...
  • Mayur_Sutare's avatar
    Aug 27, 2021

    Hi  ,

    Yes you can mitigate it (or restrict access to URLs using allowed domains ) using iRules also where you will allow request coming for specific domain/URL only. Below is the sample iRule where it is allowing all the requests coming for *.abc.com and *.xyz.com domains.

    Now here you can mentioned specific FQDNs as well e.g. mysite.abc.com or mysite.xyz.com. So its upto you how do you want to have your iRule. Additionally I have added statements to log the requests. This will give you visibility to the dropped requests as well. 

    when HTTP_REQUEST {
     
    if {([HTTP::host] contains "abc.com") || 
        ([HTTP::host] contains "xyz.com")
       
    } {
     
            log local0. "Allowed Hostname:[HTTP::host]"
    } else {
     
        drop
        log local0. "“Invalid hostname: [HTTP::host]"
    }
    }

    Hope it helps!