Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

nvv_109301's avatar
nvv_109301
Icon for Nimbostratus rankNimbostratus
Jul 26, 2010

Catching http responses from SSL session

I have several iRules in place to decide which server pool to use as well as force SSL using redirects to https. I also want to catch 404 and 500 responses and redirect to another site for a polite ...
application delivery
dev
devops
irules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Jul 27, 2010
As Hamish said, the HTTP iRule should work okay on an HTTPS VS that has a client SSL profile enabled to decrypt the SSL. You can check whether to send an HTTP or HTTPS redirect based on whether the client used an SSL cipher. As Hamish suggested, this should avoid a browser warning about switching from HTTPS to HTTP.

 

 

when HTTP_REQUEST {

    Hide the SSL:: command from the iRule parser
    so the iRule can be used on a non-client SSL VS
   set cipher_cmd "SSL::cipher version"

    Check if the client used an SSL cipher and it's not "none"
   if {not ([catch {eval $cipher_cmd} result]) && $result ne "none"}{
       Client did use a cipher
      set proto "https"
   } else {
       Client did not use a cipher
      set proto "http"
   }
}
when HTTP_RESPONSE {

    Check the server response code
   switch [HTTP::status] {
      404 -
      500 {
         HTTP::redirect "$proto://polite_message.com/index.htm"
      }
   }
}

 

 

Aaron