Posted

Hello

I have an example.com vserver on NetScaler (ADC).

I want to ban, for 24 hours, every IP that tries 3 times to access URLs that are not permitted.

Allowed URL is: example.com/allowed/.*


In this example, if a client with IP 1.2.3.4 tries, within an admin-defined timeframe, "example.com", then "example.com/forbidden", then "example.com/alsoforbidden", I would like the NetScaler to block IP 1.2.3.4 for 24 hours, then unblock the IP.


I tried rate limiting, but couldn't get past the 120-second block timeout that cannot be modified. Also the GUI wouldn't display the public IP address; I could only clear an IP address from the CLI.


I don't really know what else to try to have the ability to use the timeout I want, and to be able to manually unban an IP if needed.


Any tips appreciated.

Posted

Not sure how you would monitor that three strike rule throughout the session.

Maybe protect 'forbidden' pages with authentication.

If this is Gateway, you might could get creative with nFactor Authentication and lock out the user acct?
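
The three-strike policy described in the question, modelled in Python as an added example that is not part of either post and is not NetScaler configuration. It shows the state such a rule has to keep per client IP (strikes inside a window, a ban expiry, a manual unban). The 600-second window, the names and the sample requests are assumptions, and paths are assumed to be normalized before matching.

```python
import re
from collections import defaultdict, deque

ALLOWED = re.compile(r"^/allowed/.*")  # from the question: example.com/allowed/.*
STRIKES = 3                            # forbidden requests before a ban
WINDOW = 600                           # assumed "admin-defined timeframe", seconds
BAN_SECONDS = 24 * 3600                # 24-hour ban from the question

class StrikeTracker:
    def __init__(self):
        self.hits = defaultdict(deque)  # ip -> times of forbidden requests
        self.banned_until = {}          # ip -> time at which the ban expires

    def unban(self, ip):
        """Manual unban: drop the ban and any recorded strikes."""
        self.banned_until.pop(ip, None)
        self.hits.pop(ip, None)

    def check(self, ip, path, now):
        """Return 'allow', 'deny' (forbidden URL, strike counted) or 'banned'."""
        until = self.banned_until.get(ip)
        if until is not None:
            if now < until:
                return "banned"
            del self.banned_until[ip]   # ban expired: unblock automatically
        if ALLOWED.match(path):
            return "allow"
        q = self.hits[ip]
        q.append(now)
        while q and now - q[0] > WINDOW:  # forget strikes outside the window
            q.popleft()
        if len(q) >= STRIKES:
            self.banned_until[ip] = now + BAN_SECONDS
            del self.hits[ip]
            return "banned"
        return "deny"

# Constructed sample: (time in seconds, client IP, request path)
SAMPLE = [
    (0, "1.2.3.4", "/"),
    (10, "1.2.3.4", "/forbidden"),
    (20, "1.2.3.4", "/alsoforbidden"),    # third strike: ban starts here
    (30, "1.2.3.4", "/allowed/page"),     # still banned, even for allowed URL
    (40, "192.0.2.10", "/allowed/page"),  # other clients are unaffected
    (86420, "1.2.3.4", "/allowed/page"),  # 24 hours later: ban has expired
]

def replay(requests):
    tracker = StrikeTracker()
    return [tracker.check(ip, path, ts) for ts, ip, path in requests]
```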
