Forum Discussion
AltostratusDetect Redirect
Hi Everyone,
I'm trying write an iRule to detect any redirect from my internal servers to the external domains.
Example: the internet user acess my webpage: www.acme.com/product and the developer created a redirect to domain: www.acmestore.com where we don't have control of this domain.
This is a problem to us because if someone hack this other domain we can't do anything and the costumer will think it is our page.
I tried to write an iRule if some response return with HTTP::header value location is diferent of www.acme.com create a log in /var/log/ltm. But did not work well because we have some redirect in irules.
If I put the redirect iRule before the expected event, that wont happen. If i put the redirect iRule after, this won't be logged because the the event already occurred.
Please help me with this idea about how to do with the iRule. Any Ideas to solve this problem?
when HTTP_RESPONSE { if { [HTTP::is_redirect] } {
set redir "[HTTP::header values Location]"
if {[$valor_redir string not matches_regex "^(https?:\/\/(.+\.)?acme(net)?\.com|\/)"]} {
log local0. "ALERT - REDIRECT FOUND: $redir - ALERT"
}
} }
1 Reply
StephanMantheyNacreous
By now I have never used the function [HTTP::is_redirect].
Instead I looked after the the [HTTP::status] in the context of HTTP_RESPONSE event:if { [HTTP::status] starts_with "3" } {}As you mentioned, the event might be triggered by a redirect our of your own iRule.
How about applying i.e. an "event disable all" after your own redirect to avoid further evaluations in the context of follow-up events? Thanks, Stephan
