27-Jun-2022 03:28
Hi All,
I have a public domain which is exposing several APIs and being accessed by many partners. This state should remain as-is.
Now, there is another API which should only be accessed by IPs which are in my whitelist IPs list without any impact to above mentioned API traffic.
For example:
[1] /path/to/api1 -- > can only be accessed by IP1 , IP2, IP3...
[2] other apis --> no restriction
27-Jun-2022 20:22
Hi @gauravk ,
You can try below iRule. Here "Allow-List" is a IP type of DataGroup.
when HTTP_REQUEST {
if {[HTTP::uri] eq "/path/to/api1"} {
if {![class match [IP::client_address] equals Allow-List]} {
HTTP::respond 403 content "<html><body>Access not permitted</body></html>" Connection Close
TCP::close
}
}
}
Hope it helps!
28-Jun-2022 18:41
Thanks @Mayur_Sutare
I will try this solution. May I know what is the difference between client_address and remote_addr. which one should be used ideally to get the client IP in order to be used in IP whitelisting.
Regards Gaurav