Forum Discussion

PG0581's avatar
PG0581
Icon for Cirrus rankCirrus
Apr 28, 2022

Host header injection iRule

I would like to create an iRule that whitelists based on the HTTP host header value, and if that matches redirect to HTTPS.  Can someone confirm if what I have will work?      ltm rule whitelist...
security
  • Enes_Afsin_Al's avatar
    Enes_Afsin_Al
    Apr 28, 2022

    Hi PG0581,

    when HTTP_REQUEST {
	if { [HTTP::host] eq "abc.com" } {
		HTTP::redirect "https://abc.com[HTTP::uri]"
		return
	} else {
		HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"
	}
}
Enes_Afsin_Al's avatar
Enes_Afsin_Al
Icon for MVP rankMVP

Hi PG0581,

when HTTP_REQUEST {
	if { [HTTP::host] eq "abc.com" } {
		HTTP::redirect "https://abc.com[HTTP::uri]"
		return
	} else {
		HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"
	}
}