Do not allow IP through https

Question

Hello,&nbsp;
I am inquiring on how to do the following:&nbsp;
Do not allow IP access through HTTPS&nbsp;
Example: 
https://33.33.33.33 &lt; - Don't allow this
https://dns.name.com &lt; - Allow this only&nbsp;
I am not sure how about to search this through the F5 Dev Central articles, any help is greatly appreciated.&nbsp;
Thanks&nbsp;

ngx_it_134965 · Answer

BIG-IP v11.5.1 is what I am running&nbsp;

niels_van_sluis · Answer

Try this:
when HTTP_REQUEST {
    if { !([string tolower [HTTP::host]] equals "dns.name.com") } {
        reject
    }
}

emad_26973 · Answer

Another Approach will be to add all virtual server IPs in a data group and write a generic irule to deny request, you can either reject or send HTML having access denied message e.g
ltm rule fqdn_access {
    when HTTP_REQUEST {
        if {[class match [HTTP::host] equals VIP_IPs] }{
                HTTP::respond 200 content {

Access Denied

We are sorry. Use FQDN to access.

}
            } 
    }
    }
    DataGroup
    ltm data-group internal VIP_IPs {
    records {
    33.33.33.33 { }
    33.33.33.34 { }
}
type string
}

ngx_it_134965 · Answer

Thank you very much everyone, the first one worked great for me :). &nbsp;

ngx_it_134965 · Answer

Thank you very much everyone, the first one worked great for me :). &nbsp;

Forum Discussion

Do not allow IP through https

5 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

iRule to take cookie from HTTP Response into HTTP Request via table

HTTP To HTTPS Redirect 301

What is HTTP Part X - HTTP/2

Http server node receives partial http request big-ip load balancer

how to add HTTP HOST to telemetry (Generic HTTP)?