How To Block Specific File Extensions
In some cases it may be useful to use the LoadMaster to take a specific action based on the file extension. There are a number of reasons why this may be necessary in Application Delivery to achieve the desirable operation of the application.
In this scenario we are going to block access to any file that contains a docx file extension. A content rule will be created to match on ".docx". If matched, the request will be sent to a SubVS where the user will receive a 403 Forbidden message.
- Create a content rule to match ".docx". Go to Rules & Checking > Content Rules > Create New. Set the Match String to /^\.docx.*/
- Create two SubVSs instead of adding Real Servers. The First SubVS will contain the 403 Forbidden message. The docx rule will be assigned to this SubVS.
The second SubVS will handle all other traffic which will contain the Real Servers. This Virtual Service will be treated as a regular Virtual Service, where Scheduling and Persistence options will be configured.
- Navigate to View/Modify Services > Advanced Properties > Content Switching > Enable.
Note: SSL Acceleration will be required if it is a 443/HTTPS Virtual Service.
- Navigate back to the SubVSs where there will be a new Rules column. Click the Rules button on the first SubVS and assign the docx rule.
- Click the Rules button on the second SubVS and assign the Default rule.
- Configure the "All Other Traffic" SubVS by configuring Scheduling, Persistence, Real Servers and Transparency etc.