Hi Majda,
from my perspective it is best practice to use an iRule with a "
[class match [string tolower [HTTP::path]] starts_with ]
" condition.
The datagroup will be of type string and contains a whitelist (allowed list) of allowed paths in lower-case format as keys (no values required).
You will find tons of working examples here on DC.
The "
class
" wiki
page will be a good start.
Please avoid using the legacy syntax of "
matchclass
" or "
findclass
" and datagroups with the "
$::
" prefix!
With current TMOS versions it should not be a problem to use a datagroup of this size.
I would recommend, to work with a so called external datagroup (stored as a separate file in the TMOS filestore, which can be easily updated).
Thanks, Stephan
PS: Just noticed the "Application Security Manager" (ASM) tag in your post. My response refers to standard "Local Traffic Manager" (LTM) features.