Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Block a specific URL that only ends with a specific keyword

Hello,

is it possible to block a specific URL (https based) that ENDS only with a specific keyword?

for example if I have a domain example.com and I want to only block: https://example.com/Logon and https://example.com/Logon/login

But at the same time I want any URL that CONTAINS the keyword Logon or login not to get blocked too.

for example: https://example.com/Logon/login?service=

so I can have the below results: https://example.com/Logon [BLOCK] https://example.com/Logon/login [BLOCK] https://example.com/Logon/login?service= [ALLOW]

Thank you,

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Try that:

In the URL : https://example.com/Logon/login?service=

  • HTTP::host is example.com
  • HTTP::path is /Logon/login
  • HTTP::query is service=
  • HTTP::uri is /Logon/login?service=

.

when HTTP_REQUEST {
switch -glob [string tolower [HTTP::path]] {
    "*/logon" -
    "*/logon/login" {
        if {[HTTP::query] equals ""} {
            HTTP::respond 404 content {
                <html>
                    <head>
                        <title>Access denied</title>
                    </head>
                    <body>
                    <b>Access denied</b>
                    </body>
                </html>
                } noserver
            return
        }
    }
}
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Your requirement is not quite clear.

Do you actually need to block URLs with specific keywords like "Logon" or just any URLs which don't have any parameters?

If you just need to block the URL without parameters you can simply make the parameters mandatory on wildcard URLs:

"*/Logon" 
"*/Logon/login"

and block if mandatory parameters are missing (e.g. parameter named "service" as per your example)

Another way is to create a custom ASM signature - refer to SOL15241:

https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15241.html

Hope this helps, Sam

0