Filtering rules on subsites - NSX LB

Hjelmar · October 31, 2018, 11:37am

Hi

I am trying to accomplice the following in an NSX Load balancer (The NSX documentation refers to HAproxy so I’m asking here :

I have a website - www.website.com/cloud in the /cloud there is an admin interface which I want to restrict access to with a whitelist.

Sites AFTER /Cloud/ shouln’t be blocked - so all other sites on “website.com/cloud/*” should be accessible to all

If I use this rule below, it works - but blocks everything that contains cloud:

acl is_cloud path_beg -i /cloud/

acl whitelist src [IP ADRESSES]

block if is_cloud !whitelist

Is i possible to block access only /cloud/" and not all other sites?

/Kenneth

lukastribus · October 31, 2018, 12:39pm

Use path instead of path_beg, also see: path.

Hjelmar · October 31, 2018, 12:57pm

Well that was obvious - Dont know why I didn’t think of that

Thank you

lukastribus · October 31, 2018, 1:57pm

No problem. Is this NSX LB doc public? Can you point me to it?

Topic		Replies	Views
Restricting URLs to an IP range Help!	2	428	October 25, 2023
Trying to block empty or null user-agent traffic into the site Help!	1	997	November 24, 2022
Help about Haproxy control list, how can allow only some specific links to pass haproxy server Help!	4	2494	July 5, 2016
Haproxy acl to block ips and host header Help!	2	2231	December 17, 2020
Segregate haproxy ACLs Help!	0	287	December 22, 2021