help with irule

Hi,

I need to write an iRule that:

1. drops connections to URIs that contain "wp-admin", "login" or "mydb" from a specific IP address
2. allows access to URIs that contain "admin-ajax.php"

This is the iRule I wrote:

when HTTP_REQUEST {
    # check the Class to determine if it's not allowed
    # deny access to wordpress /admin and /login from external ip address
    # Allow only My ip address to connect wordpress /admin and /login
    # Allow access to any host that contains "admin-ajax.php"
    if {[HTTP::uri] contains "admin-ajax.php"} {
        log local0. "admin-ajax request accepted from client: [IP::client_addr]"
    } elseif {[HTTP::uri] contains "wp-admin" || [HTTP::uri] contains "login" || [HTTP::uri] contains "mydb"} {
        if {not [class match [IP::client_addr] equals Technion_ip_Address] } {
            log local0. "dropped connection My ip address[IP::client_addr]"
        } else {
            reject
        }
    }
}

Unfortunately the iRule does not work; after the first if, everything passes.

Suggestions please

Regards Rafi

0

Answers to this Question

USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi,

You can begin with this iRule, then let me know if you need some update:

when HTTP_REQUEST {
    if { !([IP::client_addr] equals "10.0.0.8" ) } {

        if { ([string tolower [HTTP::uri]] contains "admin" || [string tolower [HTTP::uri]] contains "login") && !([string tolower [HTTP::uri]] contains "admin-ajax.php") } {
            drop
        }

    } 
}

Of course, replace "10.0.0.8" with your IP.

0
Comments on this Answer
Comment made 22-May-2018 by Rafish 143

Hi,

Thank you for your reply. I prefer to work with a class.

I succeeded in rewriting the iRule. Now the iRule blocks access to "wp-admin", "login", "mydb" and allows access to "admin-ajax.php", but the problem is that it also blocks access to "wp-admin", "login", "mydb" from class "My_ip_Address".

when HTTP_REQUEST {
    set low_uri [string tolower [HTTP::uri]]
    if {(( $low_uri equals "wp-admin")) or
        ( $low_uri contains "login" ) or
        ( $low_uri contains "mydb" ) or
        ( not ($low_uri contains "admin-ajax.php" )) and
        ( not [class match [IP::client_addr] equals My_ip_Address])
       } then {
        HTTP::respond 404 content "This site has been blocked for maintenance work "
        log local0. "Blocked by iRule My_IP_Address_22_May"
    }
}

Any idea ?

Regards Rafi

0
Comment made 22-May-2018 by youssef 3631

Try this:

when HTTP_REQUEST {
    set low_uri [string tolower [HTTP::uri]]

    # Only clients outside the My_ip_Address class are restricted
    if { not ([class match [IP::client_addr] equals My_ip_Address]) } {
        # Block the listed URIs unless the request is for admin-ajax.php
        if {(( $low_uri equals "wp-admin") or
             ( $low_uri contains "login" ) or
             ( $low_uri contains "mydb" )) and
             not ( $low_uri contains "admin-ajax.php")
           } then {
            HTTP::respond 404 content "This site has been blocked for maintenance work "
            log local0. "Blocked by iRule  My_IP_Address_22_May"
        }
    }
}
0
Comment made 22-May-2018 by Rafish 143

Hi Youssef,

I think it works, I'll look deeper tomorrow,

I saw that you changed the class match location.

Can you explain the difference?

Regards Rafi

0
Comment made 22-May-2018 by youssef 3631

Hello Rafi,

First of all I checked the source IP. If it's an allowed IP, I bypass the other restriction.

If the IP is not yours (not allowed), I checked the other restriction (allowed URI).

I have decomposed the condition to make it simpler...

You made mistakes with "or" and "and".

Let me know if you need more details.

Regards

0
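The "or"/"and" grouping discussed in this thread, as an added example that is not code from either poster: a Python model of the two iRule conditions, evaluated over constructed sample URIs. It assumes that `and` binds tighter than `or` in iRule expressions (as Tcl's `&&` does over `||`), which Python's operators mirror; the function names and sample URIs are hypothetical.

```python
"""Python model (added example) of the two iRule conditions in this thread."""
from itertools import product


def rafi_blocks(uri: str, ip_in_class: bool) -> bool:
    """Single flat condition: A or B or C or (D and E).

    Because `and` binds tighter than `or`, the class check (E) only
    guards the admin-ajax.php test (D), not the three URI tests.
    """
    u = uri.lower()
    return (u == "wp-admin" or "login" in u or "mydb" in u
            or ("admin-ajax.php" not in u) and (not ip_in_class))


def youssef_blocks(uri: str, ip_in_class: bool) -> bool:
    """Decomposed condition: check the class first, then the URI."""
    u = uri.lower()
    if ip_in_class:          # allowed source IP bypasses every URI test
        return False
    return ((u == "wp-admin" or "login" in u or "mydb" in u)
            and "admin-ajax.php" not in u)


# Constructed sample request URIs (HTTP::uri always starts with "/").
SAMPLE_URIS = [
    "/wp-login.php",
    "/wp-admin/",
    "/wp-admin/admin-ajax.php",
    "/mydb/",
    "/index.php",
]


def decision_table():
    """Return (uri, ip_in_class, rafi, youssef) for every combination."""
    return [(uri, in_class,
             rafi_blocks(uri, in_class), youssef_blocks(uri, in_class))
            for uri, in_class in product(SAMPLE_URIS, (True, False))]


if __name__ == "__main__":
    print(f"{'URI':28} {'in class':9} {'flat':6} {'decomposed'}")
    for uri, in_class, flat, nested in decision_table():
        print(f"{uri:28} {str(in_class):9} {str(flat):6} {nested}")
```

The table also shows that `equals "wp-admin"` matches neither sample path in either version, because the URI carries a leading "/"; in this model only the "login" and "mydb" substring tests ever trigger the block.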