Forum Discussion

Glenn_Ruffus_10's avatar
Glenn_Ruffus_10
Icon for Nimbostratus rankNimbostratus
Dec 18, 2007

Force "www." redirect if missing from HTTPS requests

I am looking for help in writing an iRule that will be used on an HTTPS virtual server. I would like the LTM to examine the HTTP request and if the URL does not include "www." then redirect the brows...
application delivery
dev
devops
iRules
Glenn_Ruffus_10's avatar
Glenn_Ruffus_10
Icon for Nimbostratus rankNimbostratus
Dec 20, 2007
Thanks, Aaron.

 

 

I now have this iRule in place on the HTTPS virtual server:

 

 

when HTTP_REQUEST {

 

if { not ( [HTTP::host] starts_with "www." ) } {

 

HTTP::redirect "https://www.[HTTP::host][HTTP::uri]"

 

}

 

}

 

 

The iRule works *once it is invoked* but it is invoked *after* the SSL handshake occurs. It is an HTTP_REQUEST iRule so the SSL session negotiation happens before the HTTP request is processed. Part of the SSL negotiation involves comparing the requested URL with the URL defined on the cert. So, the security alert comes up based on a mismatch between the requested URL (with no www.) and the URL on the cert (with the www.)

 

 

Is there a way to make the above iRule get invoked *before* the SSL negotiation? Doesn't seem like it but I thought that I would ask.

 

 

Thanks.

 

 

Glenn