Irule to block request from amazonaws.com
Hello, I have an irule to block request from amazonaws.com bad crawlers (millions of requests a day) but my irule doesn't work. Total executions is 0.. Here is the code : when HTTP_REQUEST { if { [matchclass [string tolower [HTTP::header Host]] contains blacklist_host] } { reject } } In my datagroup blacklist_host, I have amazonaws.com entry. If someone has a solution. Thank you
Block direct IP access from internet
Hi We have multi-domain (ie. a1.test.com, a2.test.com, etc) which is in one Virtual server. (*.test.com) Can we block direct ip access from internet? we want customer to connect using only website hostname , not public ip. but we have many hostname in one vip. Can I use this irule? when HTTP_REQUEST { switch -glob [HTTP::header "Host"] { "*.test.com"{ Allow} else { reject } }APM Per-Request Policy Reject - Custom message
When I have a Per-Request Policy end with a Reject, I get the default error page with the content: Access to this page is blocked. Access was denied by a per-request policy. The session reference number: a9f2a37b I'd like to customize this error page but can't find any instructions on how to do so. Suggestions?
ASM: Traffic learning - Enforce
Hello, I'm confused about (Manual) Traffic learning in version 12.1.2. The options are only Accept, Delete or Ignore Suggestion. Specific request is not blocked (Legal request) - Action is: "Set Perform Staging to disabled. ...", so if I Accept Suggestion, Staging will be disabled - which I don't want. Is there any option to directly set signature to "Enforce" under Traffic Learning Screen, like it was in previous version (11.6.0)? 12.1.2: 11.6.0: Best regards, Špela
Session Tracking with ASM - Block All Vs Delay Blocking
Hi Guys, I'm just looking to understand exactly the difference between the 'Block All' and 'Delay Blocking' options for session tracking on ASM policy. Both seem to block after a defined threshold is reached and will block for a defined period of time. It looks like the 'Delay Blocking' options is more granular however I expect that there is something significant I am overlooking. Also, the application I wish to use session tracking on does not have a login page. As a result I will be setting the 'Application Username' to 'none'. Will this allow me to still accurately track if an individual is spamming the application? Thank you
