URL Restriction Best Way

Question

Hi,&nbsp;
I have hosted one URL for our company on F5 - xyz.com, due to security audits, i have been asked to allow only specific paths, like - &nbsp;
xyz.com/ucc/xyz/mnn
xyz.com/abc/nuu/ooo
xyz.com/abc/nuu/dsf
xyz.com/abc/nuu/wer
xyz.com/abc/nuu/sd
xyz.com/abc/nuu/df&nbsp;
The list of path is big (around 20). What would be the best way to achieve it. I know it is possible by irule but it would be a big irule and may not be best approach.&nbsp;
Thanks in advance.&nbsp;

vijay_e · Answer

when HTTP_REQUEST {
set URI [string tolower[HTTP::uri]]
if { not ([class match $URI eq CLASS_ALLOWED_URI]) } {
discard
}
}

You would have to create a data-group and name it as CLASS_ALLOWED_URI (or anything else you want). The data-group will contain the list of allowed URI. The iRule uses reverse-logic and drops all requests that doesn't match the allowed URI list.

Forum Discussion

URL Restriction Best Way

1 Reply

Recent Discussions

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

Related Content

Office 365 Tenant Restrictions

SSL Orchestrator Advanced Use Cases: Enabling GCloud Organization Restrictions

Doing mTLS Authentication per URL

Irule for restricting access

F5 iRule Geolocation restriction