drop incoming http requests to URI if external IP
Hi Guys
New to i-rules so would appreciate some pointers.
I have a situation where we have a pool of application servers that serve both private and public content (URIs). This pool is shared between virtual servers (which ultimately are private or publicly available). However due to the shared nature of the pool the situation exists where a crafted attack to the public virtual server could get access to a private URI on the pool memebers. In order to prevent this situation i need to configure some i-rules on the virtual server that drop requests if they are going to a private URI from a public (external) IP. At the same time acess to public URIs from public (External) IP still need to be available
So far i have the following but looking for advice on whether im on the right lines
when HTTP_REQUEST { if { [HTTP::host] equals "www.website.com" and [HTTP::uri] equals "/somethingspecific/index.html" and [matchclass [IP::remote_addr] equals $::PoolOfAllowedAddresses ]) } { pool poolofallowedservers } else { drop } }
Thanks