Forum Discussion

bsm1970

Nimbostratus

Mar 19, 2019

Block page for TLSv1.x or SSL connections

We have a web page/application that we want to reject connections from any client not using at least TLSv1.2. The way we were planning on doing that was to do this in IIS on the server. It would di...

Cirrus

Mar 19, 2019

when CLIENTSSL_HANDSHAKE {
    if { ( [SSL::cipher version] ne "TLSv1.2" ) } {
        set invalid_ssl 1
    } else {
        set invalid_ssl 0
    }
}
when HTTP_REQUEST {
    if { $invalid_ssl } {
        HTTP::redirect "http://www.example.com/upgradetls"
        TCP::close
    }
}

Here is an iRule from this article. This should suit your needs. You can also serve a custom response with an iFile

If you have any more questions, I am sure I can help

Forum Discussion

Block page for TLSv1.x or SSL connections

Recent Discussions

F5 Application common issues

Is network access bypassing APM logon pages?

<apm_do_not_touch> in JS file failing</apm_do_not_touch>

Suddenly Can't access Login Box to F5 LTM Via SSH & GUI

LTM + GTM on same box

Related Content

API Security Strategy - Discover and map APIs, block unwanted connection and prevent data leakage

Site-to-Site Connectivity in F5 Distributed Cloud Network Connect – Reference Architecture

domain blocking

Block IP after a number of ASM Blocks

Block traffic