Have some code. Share some code.
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner
Historic F5 Account

Problem this snippet solves:

When applied to an HTTP virtual server, the exponential backoff iRule will count the POST requests and prevent users from firing them off two quickly. If a user or bot issues two tightly coupled POST requests they will be locked out temporarily and receive an HTTP response advising them to slow down. If they continue to probe the virtual server, they will be locked out for the next 24 hours on their 18th attempt.

Code :

when RULE_INIT {
  set static::min_lockout 2
  set static::max_lockout 86400
  set static::logging 1

  set static::session_id "[IP::remote_addr]:[TCP::remote_port]"
  set static::state_table "[virtual name]-exp-backoff-state"

  if { [HTTP::method] eq "POST" } {
    set prev_attempts [table lookup -subtable $static::state_table $static::session_id]

    if { $prev_attempts eq "" } { set prev_attempts 0 }

    # exponential backoff -
    set new_lockout [expr (1 << ($prev_attempts-1))]

    if { $new_lockout > $static::max_lockout } {
      set new_lockout $static::max_lockout
    } elseif { $new_lockout < $static::min_lockout } {
      set new_lockout $static::min_lockout

    table incr -subtable $static::state_table $static::session_id
    table timeout -subtable $static::state_table $static::session_id $new_lockout

    if { $static::logging > 0 } {
      log local0. "POST request (#[expr ($prev_attempts+1)]) from $static::session_id received during lockout period, updating lockout to ${new_lockout}s"

    if { $prev_attempts > 1 } {
      # alternatively respond with content -
      set response "Hold up there!

Hold up there!

You're" append response " posting too quickly. Wait a few moments are try again.

" HTTP::respond 200 content $response } } }
Version history
Last update:
‎18-Mar-2015 14:09
Updated by: