Jump to content
Welcome to our new Citrix community!

Bloked GET and allow to especific IP

Recommended Posts

Hello Everyone,


1. We have a website published on netscaler that prohibits any url that contains the GET option.
2. Can I allow only 1 ip if I have the GET in the URL to be directed to the server and the others not?


Can Anybody help me about this?





Link to comment
Share on other sites

Configure a responder policy to DROP all traffic where http.req.method.set_text_mode(ignorecase).eq("get") && !client.ip.src.eq(<allowed ip>)

If you don't want any traffic get or post hitting this site; then just filter on !<client ip> aka not client ip.


add responder policy rs_pol_dropgets_wipexception  'http.req.method.set_text_mode(ignorecase).eq("get") && !client.ip.src.eq(x.x.x.x)' DROP


Bind to the appropriate lb vserver.


For the expression, please note:

Any GET Request from all IPS that are NOT <client ip> above, will be DROPPED.

Any non-get request will be allowed from every ip. (not filtered)




Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...