blocking different URI but allowing al the other ones

Question

Hi, 
&nbsp;  
&nbsp; I'm new to F5 and have a problem. 
&nbsp; I want to disallow some URI but allow everything else, is this possible to do with the ASM? 
&nbsp;  
&nbsp; For examples: 
&nbsp;  
&nbsp; Deny /me/private/* 
&nbsp; Deny /company/private/* 
&nbsp; Permit * 
&nbsp;  
&nbsp; I this possible with ASM (currently running version 9.4.5) or do I need to do some work arround with iRules? 
&nbsp;  
&nbsp; Can somebody help me out? 
&nbsp;  
&nbsp; Kind regards, 
&nbsp;  
&nbsp; Anthony

hooleylist · Answer

Hi Anthony, 
&nbsp;  
&nbsp; Sure this is possible.  Assuming you are on 9.4.2 or higher, you can define a no_ext object type, a wildcard object and then use attack signatures to dictate that the URI cannot match /me/private/* or /company/private/*  
&nbsp;  
&nbsp; You can check the ASM Config Guide for your version for details on these steps. 
&nbsp;  
&nbsp; Aaron

tom_spector_50 · Answer

You can also use the http class mechanism to redirect requests to these URL's back to the homepage (make sure they are evaluated first) 
&nbsp;  
&nbsp; Thanks, 
&nbsp; Tom.

Forum Discussion

blocking different URI but allowing al the other ones

2 Replies

Recent Discussions

F5 iRule to replace host to path

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries R2600 Tenant sizing

About AWAF "Redirect URLs" in "Responses and Blocks"

ISP Bandwidth Utilization

Related Content

allow one url from blocks geolocation

Block traffic

domain blocking

WAF - Allow uploads of only files with certain extensions and block all other file uploads

Block IP after a number of ASM Blocks