Host header injection iRule

Question

I would like to create an iRule that whitelists based on the HTTP host header value, and if that matches redirect to HTTPS.&nbsp;Can someone confirm if what I have will work?&nbsp;&nbsp;&nbsp;ltm rule whitelist-http-host-header {
    when HTTP_REQUEST {
        if { [string tolower [HTTP::header values "Host"]] equals "abc.com"} {
            redirect to "HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]"
        } else {[HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"}

}
    }&nbsp;&nbsp;&nbsp;

enes_afsin_al · Accepted Answer

Hi PG0581,
when HTTP_REQUEST {
	if { [HTTP::host] eq "abc.com" } {
		HTTP::redirect "https://abc.com[HTTP::uri]"
		return
	} else {
		HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"
	}
}

Forum Discussion

Host header injection iRule

Recent Discussions

HTTPS Monitor Health - Receive String 200 OK Not Working

Alert Mail when virtual server down trubleshooting

F5 Health Monitor Receive String as JSON

BIG IQ backup failures

Office hours for BIG-IP Next...

Related Content

Host header injection

header substr

Custom Header Monitor UDP

iRule for blocking specific string in header & displaying blocking page

How to Create IRule to divert traffic between Pools based on XFF Header

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS