Forum Discussion
hooleylist
Mar 02, 2010Cirrostratus
Hi Dave,
It's possible, but not effective as the URI check in an iRule can't handle the various obfuscation methods an attacker could use to bypass the validation. If you did try to normalize all the potential obfuscation techniques, you'd probably end up with a resource hog of an iRule.
See this post for details:
http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&tpage=1&view=topic&postid=3090031324
I should note that you can normalize the URI using an app firewall like ASM or validation on the webservers themselves.
Aaron