Forum Discussion
May 12, 2015
Try this:
when HTTPS_REQUEST {
log local0. "User-Agent:[HTTPS::header "User-Agent"]"
if { [string tolower [HTTPS::header "User-Agent"]] == "mozilla/4.0" && !([IP::addr [IP::client_addr] equals 1.1.1.1]) } {
drop
log local0. "Rejected request: [IP::remote_addr] User-Agent:[string tolower [HTTPS::header "User-Agent"]] requested [HTTPS::host][HTTP::uri]"
}
}
Replace 1.1.1.1 with whatever IP you want to allow. Please note that this rule require an SSL profile and an HTTP profile on the virtual server.
If you have multiple IP's it might be worth looking into a data group list.
Good luck!
/Patrik