another challanging rediret

Question

We terminate SSL on the F5 for this site. The backend is http over 7678 to the servers.&nbsp;
&nbsp;when HTTP_REQUEST {
&nbsp;  if { [HTTP::host] equals "mywebsite.mydomain.com" }{ 
&nbsp;    HTTP::redirect "https://mywebsite.mydomain.com/index.html
&nbsp;} elseif { [HTTP::uri] equals "/help" }
&nbsp;     HTTP::redirect "https://mywebsite.mydomain.com/help/index.html"
&nbsp;  } else {
&nbsp;pool WEB_POOL
&nbsp;}&nbsp;
&nbsp;What we want to do is add index.html to all https requests. 
&nbsp;Does it look like this rule would work for that.

colin_walker_12 · Answer

It looks like you're pretty close.  You might want to do a couple things different.
First, I'd recommend using the HTTP::uri command, rather than doing full on HTTP::redirects, as they shouldn't be necessary.
Second, rather than checking for certain directories, if you truly want to append "index.html" to all requests coming through this virtual, it's done with relative ease like this:
when HTTP_REQUEST {
  if { not ( [HTTP::uri] ends_with "/" ) } {
    set newURI "[HTTP::uri]/index.html"
  } else {
    set newURI "[HTTP::uri]index.html"
  }
  HTTP::uri $newURI
}
This should modify the URI to append index.html to whatever was currently there.
HTH,
Colin

brad_scherer_11 · Answer

Thanks Colin. &nbsp;
&nbsp;I listed my reqs incorrectly. 
&nbsp;W
&nbsp;hen a customer goes to the site https://mywebsite.mydomain.com they should be redirected to https://mywebsite.mydomain.com/index.html. &nbsp;
&nbsp;Once logged into the site if they click "help" they should get redirected to https://mywebsite.mydomain.com/help/index.html. &nbsp;
&nbsp;Currently with no Rule in place when they click "help" it tries to send them back to http instead of keeping them https and it does not append the /index.html. Currently there is no 80 to 443 redirect because an https link/shortcut is copied and saved on everyones desktop via login script, but as you can guess this cause frustration for users that do not log into our domain often or ever. In the future we may add the http2https functionality and if I can come up with a good working rule for this now that covers all of the above reqs then I can probably push to get it implemented all at once.&nbsp;
&nbsp;Thank you for your help&nbsp;
&nbsp;brad

deb_allen_18 · Answer

If you can't fix your app to send https or relative links, you can use the stream profile to do a content replacement for all proxied links.&nbsp;
&nbsp;If you replace "http://host.domain.com/" with "https://host.domain.com/", all the links presented to the browser for that host will now be https.&nbsp;
&nbsp;You probably also want to turn on "Redirect Rewrites", set to "Matching", to rewrite any redirects the webservers sends to https.  (Redirect info is in the headers, not the content, so they are not re-written by the stream profile above.)&nbsp;
&nbsp;With these 2 features enabled, the port 80 redirect rule should only get hit once per session.&nbsp;
&nbsp;/deb

Forum Discussion

another challanging rediret

Recent Discussions

How to export a list of paired external service providers from APM?

How to Renew F5 Device Certificate

BIG IP LTM - Multiple application on single VIP with multiple ports allowed.

Service discovery is not happening in AS3

Statistics ›› Analytics : HTTP : Overview

Related Content

DevCentral 2024 - Share Another Day

Another Bash script to backup a BIG-IP device.

Migrate part of GTM to another GTM

viprion - migrate to another blade

pool members can't connect to another Virtual Server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS