Forum Discussion
PG0581
Apr 28, 2022Cirrus
Host header injection iRule
I would like to create an iRule that whitelists based on the HTTP host header value, and if that matches redirect to HTTPS.
Can someone confirm if what I have will work?
ltm rule whitelist-http-host-header {
when HTTP_REQUEST {
if { [string tolower [HTTP::header values "Host"]] equals "abc.com"} {
redirect to "HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]"
} else {[HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"}
}
}
Hi PG0581,
when HTTP_REQUEST { if { [HTTP::host] eq "abc.com" } { HTTP::redirect "https://abc.com[HTTP::uri]" return } else { HTTP::respond 400 content "Bad Request" "Content-Type" "text/html" } }
Hi PG0581,
when HTTP_REQUEST { if { [HTTP::host] eq "abc.com" } { HTTP::redirect "https://abc.com[HTTP::uri]" return } else { HTTP::respond 400 content "Bad Request" "Content-Type" "text/html" } }
- PG0581Cirrus
Thanks very much Enes_Afsin_Al
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects