Block subdomain, allow some ip address but allow GET request from any ip address

Hi guys.

I have a subdomain that play as web server, but also as a backend server. I need to block the access to the web server and just some ip address have access but i need also that another subdomain i own get access to the backend (GET and POST request) from any ip adress.

This is the rule i applied:
(http.host eq “subdomain.example.com”) and (ip.src ne 124.10.0.1 and ip.src ne 192.10.0.2 and ip.src ne 168.0.0.3) then block

that rule allow to those ip address get access to the web page, any other ip address get blocked, but also block the GET and POST request made to my backend (subdomain.example.com/api/) from another subdomain with an ip address that is not in the previous list.

Is there anyway to achieve this?

I am afraid it is not quite clear to me what you want to achieve.

If you block that particular hostname, requests will obviously be blocked. What you could do is add an additional expression which also checks for the path. Is that what you want to do?

ok. i blocked the host, but how can i apply a rule that allows me only the GET and POST request from a particular host/subdomain without taking in count the ip addresses?

Look at the “method” expression in the firewall rule editor.

Thank you so much Sandro for your help. I make it work, adding another rule using (http.request.full_uri contains “example.com/api/validate”) then allow.

Best regards.

Checking for the path should be enough, another rule is not required.

This topic was automatically closed after 30 days. New replies are no longer allowed.