Forum Discussion
Malcolm_Salmons
Nimbostratus
NimbostratusHTTP to HTTPS redirect
Hi
I've currently got a Virtual Server running https, e.g.
https://test.abc.com
This is all working correctly and load balancing happily. However I want to enable redirection of http requests to https, i.e,
http://test.abc.com is redirected to https://test.abc.com
I've created a virtual server on port 80 for http and added the irule below:
when HTTP_REQUEST {
if { [HTTP::uri] eq "test.abc.com"} {
[HTTP::redirect "https://test.abc.com/"]
}
}
However this isnt redirecting traffic to https. Does anybody have any ideas of what I need to do to get this working?
Thanks in advance
Malcolm
6 Replies
- Try removing the brackets around the HTTP::redirect command
when HTTP_REQUEST { if { [HTTP::host] eq "test.abc.com"} { HTTP::redirect "https://test.abc.com/" } }
The square brackets evaluate the command inside the brackets and then place the result where the brackets are. You want to execute the command so you'll want to not include the brackets.
*** Update ***
I forgot to mention (as rapmaster_c did below) that you'll want to be checking based on HTTP::host and not HTTP::uri. I've updated the example above.
-Joe - Your URI is unlikely to be "test.abc.com"; it's more likely to be "/foo.html", for example. Predicate your check based on the server port instead.
Mojdeh_Koushki_hello
i have a same problem .... how did you fix yours?
thanks
Brian_Gupta_115I use a generic http2https rule:when HTTP_REQUEST { HTTP::redirect https://[HTTP::host][HTTP::uri] }
-Brian
jondyke_46152I already use a similar rule but was wandering how I would do this if I only wanted to redirect to HTTPS with specific URL paths? Would it be worth using a datagroup for this?
What I have put together is:-
When HTTP_REQUEST{
if {[matchclass [HTTP::URI] equals $::restrictedURI}
{HTTP::REDIRECT"http://[HTTP:HOST][HTTP:URI]"}}
hoolioCirrostratus
Do you have a list of URIs you want to check for which correspond to a new URI? If so, you could create a string class of source and destination URIs:
Class:class uri_redirects_class { "/uri1 /newuri1" "/uri2 /newuri2" }
Rule:when HTTP_REQUEST { log local0. "[IP::client_addr]:[TCP::client_port]: New request to [HTTP::host][HTTP::uri]" Check if the requested path is listed in the URI redirects class set new_uri [findclass [HTTP::path] uri_redirects_class] log local0. "[IP::client_addr]:[TCP::client_port]: findclass result: $new_uri" if {$new_uri eq ""}{ Take some default action if the requested path isn't listed in the datagroup? log local0. "[IP::client_addr]:[TCP::client_port]: Didn't find new URI" } else { Redirect client to new location log local0. "[IP::client_addr]:[TCP::client_port]: Redirecting to http://[HTTP::host]$new_uri" HTTP::respond 302 Location "http://[HTTP::host]$new_uri" } }
Else, if you want to use the same redirect location for a list of URIs, you could define a class with the URIs and use matchclass to check the requested path against it:
Class:class uris_to_redirect_class { "/uri1" "/uri2" }
Rule:when HTTP_REQUEST { log local0. "[IP::client_addr]:[TCP::client_port]: New request to [HTTP::host][HTTP::uri]" Check if the requested path is listed in the URI redirects class if {[matchlass [HTTP::path] starts_with uris_to_redirect_class]}{ Redirect client to new location log local0. "[IP::client_addr]:[TCP::client_port]: [HTTP::path] matched the class" HTTP::respond 302 Location "http://[HTTP::host]/new_location.html" } else { Take some default action if the requested path isn't listed in the datagroup? log local0. "[IP::client_addr]:[TCP::client_port]: Didn't find new URI" } }
Aaron
