I would like to restrict access to a specific URL and allow only requests originating from selected ASN numbers. Is this possible in Fastly?
For example, I want to block access to https://biswakarmagold.com for all IP addresses and allow access only for traffic coming from a few specific ASN numbers. Can this be implemented using Fastly?
Hey @sujoydhar2k20 this is pretty easy to set up in VCL and in Compute
We have a similar example for using country codes to block access: Block all traffic from certain countries | Fastly Solutions Example
You can adjust it to use the client.as.number variable here client.as.number | Fastly Documentation
The Fiddle example goes into more detail, but adding this to your vcl_recv should do it
if (client.as.number != NUMBER) {
error 403 "Restricted Content";
}
Thank you so much. Could you please also help me with another requirement? I want to block all requests to any file containing .php in the URL. For example, any request for a .php file should be denied for both GET and POST methods.
Assuming you mean any file with that extension rather than anywhere in the URL you could use something like:
# check if the file extension is PHP
if(std.tolower(req.url.ext) == "php"){
error 403 "forbidden";
}
If you need it anywhere in the URL, for example if you might use a URL in a query string you could use something like:
# check if the full URL contains PHP
if(req.url ~ "(?i)\.php"){
error 403 "forbidden";
}
The first is more efficient, but only looks at the file extension (if there is one). The second is more flexible but consumes more resources.
Thank You , It worked.