Forum Discussion

Vinsanity904_19's avatar
Vinsanity904_19
Icon for Nimbostratus rankNimbostratus
Mar 17, 2015

HTTP to HTTPS://wwww iRule

Hello,

 

I have a pair of physical F5's sitting in front of an IIS farm. My understanding is it's better/easier to use iRules instead of IIS Re-write rules for what I'm trying to do.

 

Can someone please assist in creating an iRule or set of iRules that would properly redirect ANY permutation of our website to https://www.URL.com?

 

For example

 

http://URL.COM --> https://www.url.com url.com --> https://www.url.com https://url.com --> https://www.url.com

 

No matter how they type it, the URL should take them to

 

Thank you very much!

 

http to https
irule
  • Michael_Jenkins's avatar
    Michael_Jenkins
    Icon for Cirrostratus rankCirrostratus
    Mar 17, 2015

    With an irule, you can do that pretty easily. Just tolower the HOST and if it's not redirect. Something like this. It won't test for https (I assume you're vip only accepts 443 (and you can create an 80 vip that automatically redirects everything to https using the built-in 

    _sys_https_redirect
    irule or a Local Traffic Policy).

    when HTTP_REQUEST {
    switch [string tolower [HTTP::host]] {
        "www.url.com" { 
             Do nothing
        }
        default {
            HTTP::redirect "https://www.url.com[HTTP::uri]"
        }
    }
}
  • THi's avatar
    THi
    Icon for Nimbostratus rankNimbostratus
    Mar 17, 2015

    You can use iApps for creating & maintaining the port 443 IIS virtual server and redirection from port 80.

     

    Use the f5.microsoft_iis iApp template. It automatically creates the port 80 redirect VS with proper redirect iRule. Then allow updates and you can add Michael's iRule to the 443 VS.

     

    Additionally you will get proper health checks and profiles etc. It is much, much faster and probably much less error prone than doing manually..and also tested and supported by F5. Pretty safe, I use iApps when possible. Sure they create more objects, but they are kept in app specific container (folder).

     

  • Vinsanity904_19's avatar
    Vinsanity904_19
    Icon for Nimbostratus rankNimbostratus
    Mar 17, 2015

    THi, thanks for the reply, and the alternative approach, I will take a look at iApp's as well!

     

    • THi's avatar
      THi
      Icon for Nimbostratus rankNimbostratus
      Mar 17, 2015
      IIS and apache web servers are pretty simple to configure, but try to do say Exchange with OWA, Activesync etc, the the iApp approach is much safer than doing manually..