HTTP deny conditions

JaimalPartout · November 25, 2020, 8:57pm

Hey,

I’m trying to add a configuration in my Hap conf for a client, who is using a special header.

What I would like to do is to deny http requests if this header Is present and if the query do not contain strings that I would « whitelist » (like ABAB10 and BIBI24 etc).

I’Ve tried many things I found in documentation but unfortunately with no success. I Ve got 403 response.

Could anyone help me please ?

What I did :

http-request deny if { hdr(my_header) true } !{ path -m sub ABAB10 || BIBI24 }

I was expecting request with header my_header containing ABAB10 or BIBI24 to be allowed and all other denied).

(Best way would be if I would be able to use a file containing the part of the query I d like to allow )

Thanks in advance !

lukastribus · November 26, 2020, 10:09pm

{ hdr(my_header) true }

This evaluates whether my_header has the string true.

Instead use:

{ req.hdr(my_header) -m found }

Are you looking for a string in the path or the query?

I’d guess you want something like:

!{ path -m sub -f /path/to/your/list }

JaimalPartout · November 27, 2020, 10:31am

Hello,

Thanks for the answer, and sorry for not having been clear enough .

I finally managed to do what I wanted to do which is

http-request deny if { hdr(my_header) -m found } !{ url_param(foo) -f path_to_myallowed_barvalues}

Topic		Replies	Views
How to allow http requests containing specific header name and value Help!	8	6009	March 12, 2020
Configuration and conditionals Help!	3	808	July 18, 2019
Getting a string from the CDN HTTP request Help!	9	1072	January 23, 2021
ACL rule which works only if ALL header values are in the whitelist Help!	0	429	August 1, 2022
Allowing only some paths - not working as planned Help!	1	647	May 19, 2021

HTTP deny conditions

Related topics