When deploying a NetScaler virtual load balancer to provide reverse proxy access to a web servers, you may have a requirement to block certain URLs being accessed.For example:
www.mycompany.com/useradmin
www.mycompany.com/private
This can be achieved using the Rewrite and Pattern Sets.
The following example will create a Pattern Set for the URLs that will be denied to users and a Rewrite Policy that will redirect the user back to www.mycompany.com
add policy patset pattern_deny_url_set
bind policy patset pattern_deny_url_set private -index 2 -charset ASCII
bind policy patset pattern_deny_url_set useradmin -index 1 -charset ASCII
add rewrite action rw_url_deny_act replace HTTP.REQ.URL.PATH_AND_QUERY “\”/\””
add rewrite policy rw_deny_url_pol “HTTP.REQ.URL.PATH.GET(1).TO_LOWER.EQUALS_ANY(\”pattern_deny_url_set\”)” rw_url_deny_act
Now bind the new rewrite policy to the required load balancing virtual server to enforce the blocked URLs.
Location
Level 13 (Regus)
92 Albert St
Auckland
We also have a virtual office in Wellington.
Contact Details
0800 000 141
Postal Address
PO Box 34797,
Birkenhead, Auckland 0746
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
2 Comments
Hi great write up
quick question can you go deeper
as in http://www.mycompany.com/private/admin
But still allow access to the private
You can achieve this by modifying the rewrite policy expression to use HTTP.REQ.URL.PATH.GET(2).