Restrict Post/Put methods

Question

Hi,&nbsp;
I want to give my development team restricted access to the F5 with REST API.
I need to give them only restricted access so they can monitor the status of the pool members.
How can I restrict them to a specific HTTP method, for example only GET?&nbsp;
Thanks in advance,
Lior Franko,&nbsp;

r_marc · Answer

ASM has this as a feature, per policy.  Otherwise, it's pretty easy to do in an iRule:&nbsp;
https://devcentral.f5.com/questions/irule-help-limit-http-methods-to-only-get-and-post-and-reject-everything-else&nbsp;

lior_54855 · Answer

Hi,&nbsp;
Thank you for this link.
I know how to do it with ASM or with iRule, but the REST API works on the MGMT interface.
Is there a way I can create virtual server and send the REST API requests through this virtual server?&nbsp;

r_marc · Answer

Sorry, misunderstood your question...I believe that access is handled via an apache instance.  You could perhaps modify the /etc/http/http.conf and add in some rewrite rules to block the unwanted methods.  That might persist reboots, but would not likely persist upgrades.  They don't appear to have included the allowed methods module.  However, you would be limiting the capability of the REST API to Read Only, unless you wrote a complicated rule to allow some IP's users to PUT/POST.

lior_54855 · Answer

Yea that's what I thought so.
I'm guessing F5 will add restricted users sometime, it's mandatory.
If anyone else know how to do it without modifying the /etc/http/http.conf I'll loved to know.&nbsp;
Thank you for the help.&nbsp;

shaggy · Answer

you should open an f5 support case to request the feature

Forum Discussion

Restrict Post/Put methods

6 Replies

Recent Discussions

F5 ASM logging profile to specify source IP

Portal Access to HTTPS resources slow

Cannot login to Avaya wanx using f5 apm network access

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Office 365 Tenant Restrictions

SSL Orchestrator Advanced Use Cases: Enabling GCloud Organization Restrictions

F5 iRule Geolocation restriction

Irule for restricting access

Load balancing method specific decision