Chris_Miller
Aug 12, 2010Altostratus
Limit Access to URI to HTTPS and IP
I'm interested in the best way to do this.
I want to limit access to the URI "/sample" to users from IP 1.1.1.1 while also only allowing said access to be HTTPS. If someone tries hitting it over HTTP, I don't want to send a redirect, I want to reject it.
Here's what I'm thinking:
when HTTP_REQUEST {
if { [HTTP::uri] eq "/sample" and !( [HTTP::header "True-Client-IP"] eq 1.1.1.1 } ) {
reject } }
Now how do I go about adding in the fact that it has to be over HTTPS? Do I need to use [TCP::local_port]? It looks like that's not a valid command within HTTP_REQUEST.
I also notice there's a "URI::port" and a "URI::protocol" command?
http://devcentral.f5.com/wiki/default.aspx/iRules/URI__port.html
http://devcentral.f5.com/wiki/default.aspx/iRules/URI__protocol.html