Suppose I want to block all the traffic from a certain robot that advertises itself as having the user-agent field "AnnoyingRobot". I could use an iRule like this to block it:
when HTTP_REQUEST {
if { [HTTP::header "User-Agent"] contains "AnnoyingRobot" } {
drop
return }
}
The "contains" operator looks for a substring, so it'll catch "AnnoyingRobot/4.5" and "AnotherAnnoyingRobotButDifferent/mozilla".
The next step would be to have it search against a list of user-agents. The way to do this is with a "class" or "datagroup" (the terms appear to be interchangeable in F5-speak). So you can use the GUI to create a "string" type datagroup named "userAgentsToBlock" that contains:
AnnoyingRobot RegisCustomUseragent OtherStuffWeBlock
and then change the rule to be like this:
when HTTP_REQUEST {
if { [matchclass [HTTP::header "User-Agent"] contains $::userAgentsToBlock ] } {
drop
return }
}
Then apply that iRule to a given virtual server, and you're all set to drop traffic from user-agents you don't like.
No comments:
Post a Comment