Forum Discussion
2 Replies
Sort By
- Daniel_VarelaEmployee
What version are you using? In version 13.x you can block IP addresses. First you need to trust the X-Forwarded-For header as the origin of you IP address in your security policy. Then in the IP Address section of you policy add the IP you need to block and set Always Block this IP.
Other option is an irule, there is a bunch of ASM commands to extend ASM functionalities, this is better in my opinion that a custom signature. You will probably will need to add more IPs to the blocking, datagroups will help you with that much more easy than a signature.
- Daniel_VarelaEmployee
Didn't have time to tested, the rule should look like:
re2:"/X-Forwarded-For:\s(84\.138\.39\.100|66\.55\.33\.64)/Hi";
You can add as many IPs as you need.
Update to escape dots :)