Restrict inbound API calls using iRule
Dear Dev Central,
We have an externalized "API service" LTM VS that we use for various external service providers to send us callback receipts (Email, Fax, SMS etc). We want to restrict who can use this externalized VS to avoid DDoS attempts, but we are not able to do so via IP address as these external service providers change their IP addresses regularly.

I was thinking that maybe we could restrict it down using an iRule that inspects the URI path for certain expressions, as the external SPs send to us using a set number of URI paths that only we know about. The VS uses port 443 so the communications are encrypted.

My question is this: If we develop an iRule that drops all traffic that doesn't contain certain expressions in the URI path, are there any other ways an attacker could circumvent this and still hammer the VS? Or will the iRule drop any and all attempts that don't match the URI path conditionals? Are there better ways to restrict this traffic other than an iRule? We have ASM installed on our LTM device.
I hope this makes sense. Thanks.
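
One way to write the URI-path allowlist the question describes, as an added example that is not part of the original post; the data group name `callback_path_allowlist` and the POST-only restriction are assumptions. `HTTP_REQUEST` fires only after the client-side TLS handshake and header parsing, so non-matching clients still consume those resources before the drop.

```tcl
# Added example; not from the original post.
# Assumption: a string data group "callback_path_allowlist" (hypothetical name)
# holds the lowercase path prefixes issued to each provider, one per record.
when HTTP_REQUEST {
    # HTTP::path excludes the query string, so a prefix placed in a
    # parameter cannot satisfy the match. Decode once and lowercase so the
    # comparison sees the form the data group stores.
    set path [string tolower [URI::decode [HTTP::path]]]
    set allowed 1

    # A starts_with match alone would accept "<prefix>/../other", which the
    # back end may normalise to a path outside the allowlist.
    if { ($path contains "..") or ($path contains "//") } {
        set allowed 0
    }

    # Assumption: providers only POST their receipts.
    if { $allowed and ([HTTP::method] ne "POST") } {
        set allowed 0
    }

    # Prefix match against the data group of provider paths.
    if { $allowed and not [class match $path starts_with callback_path_allowlist] } {
        set allowed 0
    }

    if { not $allowed } {
        # Per-request logging is expensive during a flood; keep it for
        # tuning and detection, then throttle or remove it.
        log local0.warning "callback denied: [IP::client_addr] [HTTP::method] [HTTP::path]"
        # Silently discard the connection without sending a response.
        drop
        return
    }
}
```

The paths act as shared secrets rather than authentication: they appear in proxy and server logs on both sides, so anyone who obtains one passes this check.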