What could you do with your code in 20 Lines or Less? That's the question I ask (sometimes?) every week for the DevCentral community, and every week I go looking to find cool new examples that show just how flexible and powerful iRules can be without getting in over your head.

This week we've got three awesome examples of iRules that are designed to increase your application's security in less than 21 lines of code. Dealing with header size, cache control, and a Microsoft advisory, we get to see a couple of different ways in which iRules can save the day. This isn't a new theme: iRules can be an amazingly powerful security resource in the hands of someone with the security mindset to be aware of what is going on and the F5/iRules knowledge to craft the preventative measures needed to thwart incoming attacks.

Preventing Overzealous Headers


To work around a recently released bug that allowed attackers to exploit excess parameters in an HTTP request, Aaron whipped up an iRule to count the parameters. User Wizdem had an excellent start, looking through the payload, but Aaron and Jason teamed up to make it more efficient and expand it to look through the query string as well. If either the payload or the query string has more than 100 parameters, the iRule drops the request, assuming it to be an attack. Given that most requests shouldn't have anywhere near 100 parameters, that should be a pretty safe assumption, but your mileage may vary, as always. It's a very slick look at an iRule protecting against a known attack in a short period of time with only a few lines of code. This one looks longer than it is. Take out white space, comments, and log lines and you end up at 20. Honest.
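The check described above, written out as an added example (this is not the iRule Aaron and Jason posted). The 100-parameter limit comes from the text; the 1 MB collection cap, the variable names, and the log messages are assumptions.

```tcl
when RULE_INIT {
    # Limit from the article: more than 100 parameters is treated as an attack.
    set static::max_params 100
    # Assumption: upper bound on POST body bytes buffered for inspection (1 MB),
    # so the check itself cannot be used to exhaust memory.
    set static::max_collect 1048576
}

when HTTP_REQUEST {
    # Count query-string parameters by splitting on the "&" separator.
    # An empty query string splits to an empty list (count 0).
    set qcount [llength [split [HTTP::query] "&"]]
    if { $qcount > $static::max_params } {
        log local0. "Dropping request from [IP::client_addr]: $qcount query parameters"
        drop
        return
    }

    # For POSTs, buffer the body so its parameters can be counted too.
    if { [HTTP::method] eq "POST" } {
        set clen [HTTP::header "Content-Length"]
        # Missing, non-numeric, or oversized Content-Length: fall back to the cap.
        if { ![string is integer -strict $clen] || $clen > $static::max_collect } {
            set clen $static::max_collect
        }
        if { $clen > 0 } {
            HTTP::collect $clen
        }
    }
}

when HTTP_REQUEST_DATA {
    # Count parameters in the buffered payload the same way as the query string.
    set pcount [llength [split [HTTP::payload] "&"]]
    if { $pcount > $static::max_params } {
        log local0. "Dropping request from [IP::client_addr]: $pcount body parameters"
        drop
        return
    }
    # No further collect is issued, so the buffered data is released to the
    # pool when this event finishes.
}
```

Before enforcing, it is worth running the rule with only the `log` lines active to confirm that no legitimate form in the application exceeds the limit.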