For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

eLeCtRoN's avatar
eLeCtRoN
Icon for Cirrus rankCirrus
2 months ago

F5 iRule Reverse Proxy, rewrite, redirect

Hello everyone, We currently have a scenario where a URL is no longer available and needs to be (redirected). The starting point is when https://company.com/tool ​​is accessed, it should (redirect) ...
application delivery
devops
eLeCtRoN's avatar
eLeCtRoN
Icon for Cirrus rankCirrus
2 months ago

Hello,

how about the browser masking ? The other page is just accessible with https://IP-Address/toolno FQDN, no company.com host anymore, so in your case I should use a pool with a member inside which is the server that hosting the new page https://IP-Address/tool, How about certificate issues ? For me doesn't matter it is a redirect or not, I need a possible working solution, thats all ;), I search the best way to do that. 

  • Injeyan_Kostas's avatar
    Injeyan_Kostas
    Icon for Nacreous rankNacreous
    2 months ago

    The issue comes when you say

    Of course, https://company.com/tool ​​should remain in the browser.

    If you don't need this the a simple redirect is fine

    when HTTP_REQUEST {
	switch [string tolower [HTTP::host]] {
		"company.com"
		{
			switch -glob [string tolower [HTTP::path]] 
			{
				"/tool/*" 
				{ 
					HTTP::redirect "https://x.x.x.x[HTTP::path]"
				}
				default 
				{}
			}
		}
		default 
		{}
	}
}

    but with redirect of course the browser url will change and there will be a certificate warning due to ip used instead of a url with valid cert

     

    If you reverse poxy the request there will be no cert issue as you will stil server company.com domain which I assume you have certificate for