HTTPS Redirect based on http_response

Question

New to IRules and just trying to wrap my head around some of the logic here.... 
&nbsp;  
&nbsp; I am looking to capture non-secure login pages and automatically redirect the user to make an https request back to the same page. I am looking for a way to detect that a password field is about to be passed back to the user on an unsecure connection. The SSL termination is on the F5 and the request to the backend servers are unencrypted. Unfortunately this is old web code and these pages are spread throughout the environment. I am looking for a temporary fix until the code can be fixed. 
&nbsp;  
&nbsp; I know how to create a redirect and I have the regular expression I can use to detect the password field.  
&nbsp; I need help with two things. How do I detect whether the user is connected via SSL and how do I detect the password field using a regular expression looking at the http_response so I can force a redirect?  
&nbsp;  
&nbsp; Thanks

jrichards_45544 · Answer

Answered my own question on this...

hoolio · Answer

What did you end up with?  I was going to suggest redirecting all http requests to https, as it simplifies the configuration and is more secure.  The other option would probably require collecting the response content and rewriting the form action to an https URL.  Depending on how the application lists the form action, this could actually be fairly complicated. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

HTTPS Redirect based on http_response

Recent Discussions

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

Related Content

(HTTP) Redirection via Arbitrary Host Header

HTTP To HTTPS Redirect 301

Http redirection

HTTP URI Replace/Redirect

Rewrite HTTP Redirect Hostname

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS