Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Problem limit the access to an URI when using SSL - iRule

Hi Guys

I'm trying to keep allowed only some IP address to a specific URI in my web portal but it's not working. The access is SSL terminated in BIG-IP.

My logical is to check if the URI is /admin/ and the IP address is listed, so the access will be allowed elseif will be denied but all access still being allowed.

Exists something specific to deal with this in SSL ?

Tks

Luiz

0
Rate this Discussion
Comments on this Discussion
Comment made 22-Nov-2016 by crodriguez

Can you show your iRule code, please?

0

Replies to this Discussion

placeholder+image

Unfortunately, the description is somewhat ambiguous to me. I assume you mean "if connection is from an authorized IP, allow access to anything under /admin. While non-authorized IPs cannot get to things under /admin, those addresses can go anywhere else." Assuming that's what you mean, the I suggest creating a data group with the allowed members, then an iRule like this (where the data-group name is dg-admin-allowed):

when HTTP_REQUEST {
    switch -glob [HTTP::path] {
        "/admin" -
        "/admin/*" {
            if { ![class match [IP::client_addr] equals dg-admin-allowed] } {
                HTTP::respond 403 content { ... }
            }
        }
    }
}

Obviously, substitute your actual desired (presumably HTML) content for the ellipsis (...).

0