formiarevo_2065
Jun 15, 2015Nimbostratus
Solved
How to deny the request with the Host:IP address in the request header, not Host:the domain name.
Hi All,
I have a LTM device with version 11.6.0.
I would like to deny the HTTP request that the host value is IP address.
For example, Our website, test.com has a VIP, 1.1.1.1.
- I want to deny the user typing the IP address 1.1.1.1 on the browser and directly accessing our web site. On the other hand I want to allow the user typing the www.test.com on the browser.
To achieve this purpose, I have to the iRule. Is it impossible with out iRule?
Thanks Mia.
Yes, using an iRule is recommended here. Since you said you're using v11.6, you can also use what is called an LTM Policy(Local Traffic -> Policy) for such purpose. There are SOL arcitles that explain the topic.
If you want to use an iRule:
when HTTP_REQUEST { if { [HTTP::host] == "1.1.1.1" }{ reject If you want to send TCP-RST as a response (Connection has been reset error will occur) TCP::close If you want to drop the request (Timeout will occur) log local0. "[IP::client_addr] Denied access to <[HTTP::host][HTTP::uri]>" } }