Host header injection iRule

Question

I would like to create an iRule that whitelists based on the HTTP host header value, and if that matches redirect to HTTPS.&nbsp;Can someone confirm if what I have will work?&nbsp;&nbsp;&nbsp;ltm rule whitelist-http-host-header {
    when HTTP_REQUEST {
        if { [string tolower [HTTP::header values "Host"]] equals "abc.com"} {
            redirect to "HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]"
        } else {[HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"}

}
    }&nbsp;&nbsp;&nbsp;

enes_afsin_al · Accepted Answer

Hi PG0581,
when HTTP_REQUEST {
	if { [HTTP::host] eq "abc.com" } {
		HTTP::redirect "https://abc.com[HTTP::uri]"
		return
	} else {
		HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"
	}
}

Forum Discussion

Host header injection iRule

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Host header injection

header substr

Custom Header Monitor UDP

iRule for blocking specific string in header & displaying blocking page

How to Create IRule to divert traffic between Pools based on XFF Header

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS