Forum Discussion

seth_83421's avatar
seth_83421
Icon for Nimbostratus rankNimbostratus
Sep 04, 2009

How to restrict access to a URL from a different URL

I'm a newbie to iRules, and would like some help please!

 

I'm wondering how I can restrict access to (for example) www.seagulls.com so it can only be accessed from www.birdwatch.com.

 

 

Something like this? Sorry for the messy syntax.

 

 

b rule seagulls_rule {

 

when HTTP_REQUEST {

 

if {[HTTP::header exists "Referer"]}{

 

pool seagulls_pool

 

}

 

else {

 

command to drop

 

}

 

{

 

set ::drop_msg "Sorry, you can't access this page directly"

 

}

 

}

 

}

 

 

 

Thanks!!!

3 Replies

  • You are heading in the right direction. Your iRule just checks if there is a Referer header. If you want to restrict from a single site, you'll have to check agains the value of the Referer header.

     when HTTP_REQUEST { 
       if { ([HTTP::header "Referer"] ne "www.birdwatch.com") } { 
         HTTP::respond 200 Content "SORRY, You Can't access this page directly"; 
       } 
     }

    This assumes you have the "seagulls_pool" set as the default pool for the virtual. If not, then add an "else" to the if clause and do the pool assignment there.

    -Joe
  • Keep in mind that any client can manipulate the value of any HTTP header. There are many browser plugins which allow a user to do this like RefControl (Click here) or TamperData (Click here).

     

     

    Aaron