Cpet
Jul 29, 2019 · Altocumulus
Security issue - Oracle Identity System Administration login screen is exposed to public
Hi to all,
I have a cluster with 2 BIG-IP VMs, ver 13.1. A VS has the role of load balancing OAM. I discovered that the Oracle Identity System Administration login screen is exposed to the public. I found the solution with the iRule below. I want to allow only two networks (internal and VPN).
My question is if I must create two iRules for that.
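when CLIENT_ACCEPTED {
    # Connection-scoped flag. A static:: variable is shared by every connection
    # on a TMM, so one outside client would leave it set to 1 for all clients.
    set drop_notallowed 0
    if { not [IP::addr [IP::client_addr] equals 10.0.0.0/8] } {
        log local0. "[IP::client_addr] does not match 10.0.0.0/8 AND access URI = /restricted-URI/"
        set drop_notallowed 1
    }
}
when HTTP_REQUEST {
    # The URI is lowercased first, so the prefix it is compared with must be lowercase too.
    if { [string tolower [HTTP::uri]] starts_with "/restricted-uri" } {
        if { $drop_notallowed == 1 } {
            drop
        }
    }
}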
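One iRule is enough for both networks. The following is an added example, not code from the original post: it keeps the allowed networks as read-only constants and checks the client address on every request for the restricted path. The variable names `static::oam_admin_nets` and `static::oam_admin_prefix` are hypothetical, `192.0.2.0/24` is a constructed placeholder for the VPN network, and `/restricted-uri` is the post's placeholder path.

```tcl
when RULE_INIT {
    # Constants set once at load time; this is the intended use of static::.
    # 10.0.0.0/8 is the internal network from the post.
    # 192.0.2.0/24 is a constructed placeholder for the VPN network.
    set static::oam_admin_nets {10.0.0.0/8 192.0.2.0/24}
    # Placeholder path prefix from the post, kept lowercase for comparison.
    set static::oam_admin_prefix "/restricted-uri"
}

when HTTP_REQUEST {
    # Checked per request, so every request on a keep-alive connection is covered.
    if { [string tolower [HTTP::path]] starts_with $static::oam_admin_prefix } {
        set client [IP::client_addr]
        # Local variable: scoped to this connection, never shared between clients.
        set allowed 0
        foreach net $static::oam_admin_nets {
            if { [IP::addr $client equals $net] } {
                set allowed 1
                break
            }
        }
        if { !$allowed } {
            log local0. "Denied $client access to [HTTP::path] on [virtual name]"
            drop
        }
    }
}
```

If SNAT or another proxy sits in front of the BIG-IP, `IP::client_addr` is that device's address rather than the end user's, so the allowed networks have to be chosen with that in mind.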