Forum Discussion
How exclusion url path file to without https
Hi ,
i want to exclusion my url path without https using irule,
for example all trafic to : https://myweb.com and
if access to this url without https to http://myweb.com/dev/data/
my existing irule config
when HTTP_REQUEST {
# Disable the stream filter for all requests
STREAM::disable
# LTM does not uncompress response content, so if the server has compression enabled
# and it cannot be disabled on the server, we can prevent the server from
# sending a compressed response by removing the compression offerings from the client
HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
# Check if response type is text
if {[HTTP::header value Content-Type] contains "text" or [HTTP::header value Content-Type] contains "json"}{
# Replace http:// with https://
STREAM::expression {@http://@https://@}
# Enable the stream filter for this response only
STREAM::enable
}
}
when STREAM_MATCHED {
#log local0. "Matched: [STREAM::match]"
}
thanks for help
Hi, I'm not sure if I understood your request correctly. As far as I can tell, you're trying to disable SSL (HTTPS) when client tries to access specific file paths, because web server requires non-secure connection, correct?
I think that it's safer in this case to keep the connection between client and F5 secure, and perform SSL termination for these specific files only between F5 and your internal server farm.
An iRule like this might be what you're looking for
when HTTP_REQUEST { if { [HTTP::header Content-Type] contains "text" || [HTTP::header Content-Type] contains "json" }{ # HTTP::path "/dev/data/" #This string rewrites HTTP path before sending data, I'm not sure if this is required pool http_pool #I'd recommend configuring an HTTP pool that connects to your WS to port 80 (or custom port, if that's your setup) } } when SERVER_CONNECT { if { [LB::server port] == 80 }{ SSL::disable } }
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com