Tighter security for one geolocation only?

Question

Our website needs tighter security for one geolocation.  I thought of creating a separate security policy with tighter restrictions for web scrapping and DoS for this geolocation.&nbsp;
Is the best way to do this?  If this is a good solution, can you guide me to where I can learn how to apply the new security policy to just the one geolocation, please?
Many thanks in advance.  p.s.  I am very new at this.&nbsp;

pragathishakart · Answer

Hi, 
       Please refer below.
       http://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-config-11-1-0/asm_security_policy.html&nbsp;

dianna_129659 · Answer

Thank you. This should help guide me.

pragathishakart · Answer

Just let me know how you get on with this.&nbsp;

dianna_129659 · Answer

It was suggested that I write an iRule to use the "whereis  country" command[1] to insert a header[2] into the request so that a HTTPClass can be used to change policies on that header.  THern I would need to  configure the HTTPClass to match on the header and configure the policy for Mexico on that HTTPClass, when I setup that HTTPClass first in the HTTPClass order on the virtual, it will catch Mexican requests and other requests will fall back to the other HTTPClass.  
Will this work with ASM version 11.3?

Forum Discussion

Tighter security for one geolocation only?

4 Replies

Recent Discussions

Need advise to setup a policy on F5

Web acceleration

What are the different phases in DevOps?

Create a CSR and Key using the BigIP LTM GUI when renewing a certificate

F5 Rseries HA

Related Content

Edge to Pulse: IP Geolocation Database Migration

Using ChatGPT for security and introduction of AI security

BIG-IP Geolocation Updates – Part 1

Auditing Security Policy Updates

HTTP Multipart and Security Implications