NetScaler Block URLs

When deploying a NetScaler virtual load balancer to provide reverse proxy access to a web servers, you may have a requirement to block certain URLs being accessed.For example:

www.mycompany.com/useradmin

www.mycompany.com/private

This can be achieved using the Rewrite and Pattern Sets.

The following example will create a Pattern Set for the URLs that will be denied to users and a Rewrite Policy that will redirect the user back to www.mycompany.com

add policy patset pattern_deny_url_set

bind policy patset pattern_deny_url_set private -index 2 -charset ASCII

bind policy patset pattern_deny_url_set useradmin -index 1 -charset ASCII

add rewrite action rw_url_deny_act replace HTTP.REQ.URL.PATH_AND_QUERY “\”/\””

add rewrite policy rw_deny_url_pol “HTTP.REQ.URL.PATH.GET(1).TO_LOWER.EQUALS_ANY(\”pattern_deny_url_set\”)” rw_url_deny_act

Now bind the new rewrite policy to the required load balancing virtual server to enforce the blocked URLs.

2 Comments

Skip says:
October 9, 2014 at 10:01 pm
Hi great write up
quick question can you go deeper
as in http://www.mycompany.com/private/admin
But still allow access to the private
Log in to Reply
Daniel Almond says:
October 13, 2014 at 11:56 pm
You can achieve this by modifying the rewrite policy expression to use HTTP.REQ.URL.PATH.GET(2).
Log in to Reply

Contact Deptive

Location
Deptive - Commercial Bay
11-19 Customs Street West St
Commercial Bay Tower, Level 17, Room 1715
Auckland 1010

Contact Details

0800 000 141

Postal Address
PO Box 34797,
Birkenhead, Auckland 0746

NetScaler Block URLs

2 Comments

Leave a Reply Cancel reply

Contact Deptive