For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Parveez_70209's avatar
Parveez_70209
Icon for Nimbostratus rankNimbostratus
Oct 29, 2013

http_x_forwarded_for setting query

Hi,   We wanted to enable http_x_forwarded_for feauture in our HTTP as well as HTTPS Virtual-server having same VIP.   Whenever someone hits HTTP URL, it should redirect to HTTPS. So, last ti...
Richard__Harlan's avatar
Richard__Harlan
Historic F5 Account
Oct 29, 2013

So if I understand you have two VIPs one HTTP and one HTTPS. The HTTP VIP should redirect all traffic to HTTPS. Both the HTTP and HTTPS VIPs will need to have a HTTP profile for them to understand the HTTP protocol. Now if the above is true you should not need to add the headers to the HTTP VIP but you should add the headers on the HTTPS VIP. If you add them to the HTTP VIP it should not do anything as when the client makes the request again to the HTTPS VIP the headers will not be there and the LTM will have to add them again to the server.

 

Now if you have add the header to tell the server that there is a SSL offload device you should not have to rewrite the redirects. At this point the server should be told to send back HTTPS links when it see the HTTPS header.

 

If I am missing anything please let me know. Thanks