Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

How to Match a Particular URL and Deny everything else

In some scenarios, it may be required to match on a particular URL and deny everything else. This approach may be useful when some content should be denied and some content should be allowed based on a particular URL entry.

To do this - it is possible to create a configuration based on SubVSs. Refer to the following content for instructions on how to do this.

For more information on content rules in general, refer to the Content Rules Feature Description document.

1. Create a content matching rule as per the screenshot above (in order to match a particular URL).

In this example - all of the content which is directed to to a folder called Folder1 is matched and the related traffic is directed to a particular Real Server.

Then, all of the "Not Matched" traffic is denied and error message is displayed, for example "This content is denied!!!".

The example client URL is

The Match String is /^\/Folder1.*/.

This matching string will match on the URL only. The different parts of the Match String are explained below:

  • /^ - start of the regular expression
  • \/ - this will match / (\ is used to escape the special character /)
  • The folder named Folder1 will be matched
  • .* - means that everything else will be matched as well
  • / - end of the regular expression


2. Create a Virtual Service and two SubVSs - like in the example screenshot above.

3. In the Virtual Service, enable content switching and apply the created rule to the first SubVS. On the Second SubVS, apply the default rule.

4. Add the Real Server to the first SubVS and configure all the other options as needed.

5. There is no need to add a Real Server to the second SubVS. Instead, you will configure the Not Available Redirection Handling options, like in the example above.

Note: The same configuration can also be used without using a structure based on SubVSs. However, a structure based on SubVSs is more flexible and is easy to scale up to the Virtual Service and additional services can be added that will match multiple URLs and/or FQDNs.

Was this article helpful?
0 out of 0 found this helpful