HTTP deny conditions


I’m trying to add a configuration in my Hap conf for a client, who is using a special header.

What I would like to do is to deny http requests if this header Is present and if the query do not contain strings that I would « whitelist » (like ABAB10 and BIBI24 etc).

I’Ve tried many things I found in documentation but unfortunately with no success. I Ve got 403 response.

Could anyone help me please ?

What I did :

http-request deny if { hdr(my_header) true } !{ path -m sub ABAB10 || BIBI24 }

I was expecting request with header my_header containing ABAB10 or BIBI24 to be allowed and all other denied).

(Best way would be if I would be able to use a file containing the part of the query I d like to allow )

Thanks in advance !

{ hdr(my_header) true }

This evaluates whether my_header has the string true.

Instead use:

{ req.hdr(my_header) -m found }

Are you looking for a string in the path or the query?

I’d guess you want something like:

!{ path -m sub -f /path/to/your/list }


Thanks for the answer, and sorry for not having been clear enough .

I finally managed to do what I wanted to do which is

http-request deny if { hdr(my_header) -m found } !{ url_param(foo) -f path_to_myallowed_barvalues}