Forum Discussion
Ram_63318
Nimbostratus
NimbostratusHTTP to HTTPS Redirection
1.) When customers goes directly to
http://vipnation.com/livenation/php/eventslist.php load balancer is not redirecting to https://vipnation.com/livenation/php/login.php
Redirection works for the following though:
www.vipnation.com
vipnation.com
http://vipnation.com
https://vipnation.com
iRule being used for this customer is as follows:
when HTTP_REQUEST {
if { ! ([string tolower [HTTP::uri]] starts_with "/livenation/") } {
HTTP::redirect "https://vipnation.com/livenation/php/login.php"
}
}
Are there anything that I could do to the above iRule so that it would work as expected?
Thank you,
Ram
Andy_Herrman_22What exactly do you want it to doWhat exactly do you want it to do? When do you want the redirect to happen?
(edit, after looking more closely at the post)
It looks like you're doing more than just HTTP to HTTPS redirection, as you're also modifying the path. What do you want to do if the user uses HTTP but goes to the /livenation/ directory? Should it just redirect to HTTPS and keep the same path, or do you want it to go to the login page?
Ram_63318Basically when customer goes to http://vipnation.com/livenation/php/eventslist.php load balancer should redirect to https://vipnation.com/livenation/php/login.php also like it does for the following:
www.vipnation.com
vipnation.com
http://vipnation.com
https://vipnation.com
Thanks,
Ram
hoolioCirrostratus
It looks like you have the concept down of how to evaluate the requested URI and send a redirect to the client. Now it's just a matter of deciding what logic to use in implementing the iRules. If you aren't sure of what you need, try what you have and add logging statements to track what's happening when it doesn't work. As it looks like you might being using two different rules on the two VIPs make sure to note which VIP the request is being made to in the logs.when HTTP_REQUEST { log local0. "[IP::client_addr]:[TCP::client_port]: new request on [TCP::local_port] to [HTTP::host][HTTP::uri]" if { ! ([string tolower [HTTP::uri]] starts_with "/livenation/") } { log local0. "[IP::client_addr]:[TCP::client_port]: redirecting https://vipnation.com/livenation/php/login.php" HTTP::redirect "https://vipnation.com/livenation/php/login.php" } }
Aaron- Ram_63318Hoolio,
Thanks for your response. I did apply the irule that you posted and I can see in the log that the redirection is not working when we go to http://vipnation.com/livenation/php/eventslist.php directly.
Jun 11 14:23:42 tmm tmm[1510]: Rule vipnation_irule : 216.23.160.47:26719: new request on 80 to vipnation.com/livenation/php/eventslist.php
Not exactly sure why it wouldn't work in the above scenario. Looks like /php/eventslist.php in the end is the culprit because if i go to http://vipnation.com/livenation it redirects properly.
NOTE: redirection works fine for all the following requests though
Jun 11 14:33:36 tmm tmm[1510]: Rule vipnation_irule : 216.23.160.47:28193: new request on 80 to www.vipnation.com/
Jun 11 14:33:36 tmm tmm[1510]: Rule vipnation_irule : 216.23.160.47:28193: redirecting https://vipnation.com/livenatio
n/php/login.php
*************
Jun 11 14:33:49 tmm tmm[1510]: Rule vipnation_irule : 216.23.160.47:28221: new request on 80 to 216.23.166.46/
Jun 11 14:33:49 tmm tmm[1510]: Rule vipnation_irule : 216.23.160.47:28221: redirecting https://vipnation.com/livenatio
n/php/login.php
*************
Jun 11 14:33:59 tmm tmm[1510]: Rule vipnation_irule : 216.23.160.47:28235: new request on 443 to vipnation.com/
Jun 11 14:33:59 tmm tmm[1510]: Rule vipnation_irule : 216.23.160.47:28235: redirecting https://vipnation.com/livenatio
n/php/login.php
*************
Also, to answer your question I am not using two different irules on the vips. There is only one vip but listening on both ports (80 & 443)
Any ideas on why it wouldn't redirect http://vipnation.com/livenation/php/eventslist.php to https://......
Thank you,
Ram Tangella - Hi Ram -
It looks to me like you are specifically excluding that URL in the condition for the redirect action:if { ! ([string tolower [HTTP::uri]] starts_with "/livenation/") } { HTTP::redirect "https://vipnation.com/livenation/php/login.php" }
Let's try a more complete description of when you need to redirect, but I'll take a guess that you want to redirect all requests for the domain name only to the login page?
If so, try this instead:when HTTP_REQUEST { if { [HTTP::uri] equals "/") } { HTTP::redirect "https://vipnation.com/livenation/php/login.php" } }
If that's not it, post back with a list of what needs to be redirected & what doesn't & we can try to help further.
HTH
/d - Ram_63318Deb,
Thanks for your response!! I did the following irule but again http://vipnation.com/livenation/php/eventslist.php will not redirect to https://vipnation.com/livenation/php/login.php
when HTTP_REQUEST {
if { [HTTP::uri] equals "/") } {
HTTP::redirect "https://vipnation.com/livenation/php/login.php"
}
}
Redirection works when I go to
www.vipnation.com
http://vipnation.com
http://vipnation.com/livenation
https://vipnation.com
http://216.23.166.46
https://216.23.166.46
Doesn't work only when I go to http://vipnation.com/livenation/php/eventslist.php
Customer wants all the above that already works plus the one that doesn't get redirected to be working. So we are very close but this is just driving everyone nuts! so far! :-)
So I am clueless at this point. Thank you all for looking into this with me. I really appreciate all your help.
Thank you,
Ram - hoolioIf you want to redirect requests to http://vipnation.com/ and https://vipnation.com/ and http://vipnation.com/livenation/php/eventslist.php to the login page you can use Deb's last example and add a check if the port is 80 and the requested URI is /livenation/php/eventslist.php. If you don't care whether the port is 80 and always want to redirect /livenation/php/eventslist.php to the login page, then remove '([TCP::local_port]==80 and' from the 'if' statement.
when HTTP_REQUEST { if { [HTTP::uri] equals "/" or ([TCP::local_port]==80 and [HTTP::uri] eq "/livenation/php/eventslist.php"} { HTTP::redirect "https://vipnation.com/livenation/php/login.php" } }
Aaron - Andy_Herrman_22I'm guessing he wants to redirect all non-SSL traffic to the login page over SSL, AND all paths that aren't in /livenation/ to the login page (so, only requests to https://.../livenation/* would be allowed through).
when HTTP_REQUEST { if { (! ([string tolower [HTTP::uri]] starts_with "/livenation/")) or ([TCP::local_port]==80) } { HTTP::redirect "https://vipnation.com/livenation/php/login.php" } }
Is that what you're looking for? 
zaferhow can i redirect client request for only login page,
i want redirect http request for "login.php" to https after the login page i want keep client on http
can i do with irule or do i need something on serverside?
zafer
