formiarevo_2065
Jun 15, 2015Nimbostratus
Solved
How to deny the request with the Host:IP address in the request header, not Host:the domain name.
Hi All,
I have a LTM device with version 11.6.0.
I would like to deny the HTTP request that the host value is IP address.
For example, Our website, test.com has a VIP, 1.1.1.1.
I...
- Jun 15, 2015
Yes, using an iRule is recommended here. Since you said you're using v11.6, you can also use what is called an LTM Policy(Local Traffic -> Policy) for such purpose. There are SOL arcitles that explain the topic.
If you want to use an iRule:
when HTTP_REQUEST { if { [HTTP::host] == "1.1.1.1" }{ reject If you want to send TCP-RST as a response (Connection has been reset error will occur) TCP::close If you want to drop the request (Timeout will occur) log local0. "[IP::client_addr] Denied access to <[HTTP::host][HTTP::uri]>" } }