Request not hitting ASM_REQUEST_DONE in iRule

Question

Hi All,&nbsp;
I'm trying to create iRule that looks to data group and if entry is found in it, ASM blocks the request. &nbsp;
My iRule is following:&nbsp;
when ASM_REQUEST_DONE {
        if { [class exists "dg_wp_blocked_paths"] &amp;&amp;
             [class match "[HTTP::path]" starts_with dg_wp_blocked_paths] } {
            ASM::raise VIOL_BLOCKED_URL
        }
    }&nbsp;
And DG contains following string entries:&nbsp;
/admin
/wp-admin
/wp-login.php&nbsp;
But i can see that no request hit this iRule. I have turned iRule Blocked URL to Block in Security Profile settings and i can see that the requests are appearing in ASM Request log but not processed with the iRule.&nbsp;
The strange part is that we do have similiar iRule with exact same iRule aside different DG that works. I've checked the Virtual Server's but can't seem to point my finger what is different between these two - any hints?&nbsp;

youssef1 · Answer

try this:
when ASM_REQUEST_DONE {

read as, does the path exist in the dg_wp_blocked_paths DataGroup

if { [class match "[HTTP::path]" starts_with dg_wp_blocked_paths] } {
    ASM::raise VIOL_BLOCKED_URL

}

Forum Discussion

Request not hitting ASM_REQUEST_DONE in iRule

1 Reply

Recent Discussions

What are the different phases in DevOps?

Create a CSR and Key using the BigIP LTM GUI when renewing a certificate

F5 Rseries HA

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Lockbit resurface after takeover & Lazarus are hitting Feb 25th – March 2nd - This Week in Security

Distributed caching of authentication requests with NGINX Ingress Controller

Logging DNS Requests

Client request not hitting the VIP.

Hitting the Easy Button: Securing the Remote Desktop on F5 BIG-IP APM