IRule to block different combinations host/uri
hello together, we've got a VIP with a lot of CNAME's and a few login-URI's should be blocked, but not all. so in our Irule we have some Entries like: elseif { [HTTP::uri] starts_with "/presse/login"} { HTTP::respond 403 but now we need special Combinations of [HTTP::host][HTTP::uri] could you pls provide me some Example? I'm not sure if [HTTP::host] matches alo for HTTPS. Thank you Karl
Block page for TLSv1.x or SSL connections
We have a web page/application that we want to reject connections from any client not using at least TLSv1.2. The way we were planning on doing that was to do this in IIS on the server. It would disallow access to the application and display a banner directing them to update their browser and/or OS to a more recent version. But it appears that since TLS is terminating on the F5, when the server-side TLS connection is established to IIS, it's preferring TLSv1.2 and IIS is never seeing the 1.0/1.1 or SSLv3 connections and thus no banner is displayed. I'd like to block everything but TLSv1.2 at the F5 but also be able to display a page that explains that they need to update their browser rather than them just getting a generic "cannot connect to page" type of response. Not sure the best/easiest way to do this - would it be with an iRule or some block page via LTM policy? I've never done this before so any help would be appreciated.