Forum Discussion
Jacob_Becker_41
Nimbostratus
Nimbostratushttps redirect
I'm trying to do a irule that will account for the following situation. If a person goes to https://felixlive.com I want it to redirect to https://www.felixlive.com. I've tried the following rules.
when HTTP_REQUEST {
log local0. "Host: [HTTP::host], URI: [HTTP::uri]"
if { [HTTP::host] starts_with "felixlive.com" } {
log local0. "host matched felixlive.com"
HTTP::redirect "https://www.felixlive.com"
}
} when HTTP_REQUEST {
if {[HTTP::host] equals "https://felixlive.com" } {
HTTP::redirect https://www.felixlive.com
}
}But with each attempt I'm getting a certificate problem, not to the redirect isn't working correctly. Is there something special I need to do when doing a https redirect?
5 Replies
- The first rule should work. (The second should also work if you removed the "https://" from the HTTP::host comparison -- the host is simply the hostname portion of the URL.)
It sounds like you're getting the redirect, so the rule is working as expected, but you're getting an error because the cert name doesn't match. Unless you have a wildcard cert, that's going to happen -- a cert is specific to an FQDN, and if there is a different Host: header, most browsers will warn the user that the cert is not the one for the site being accessed. 
Jacob_Becker_41So couple of things I want to make sure I understand correctly. With this rule I want to catch people trying to going to https. With that said I'm assuming that the rule needs to be applied to the ssl web pool that I have sent up. So when I tried the following rulewhen HTTP_REQUEST { if {[HTTP::host] equals "felixlive.com" } { HTTP::redirect https://www.felixlive.com/ } }
I received a redirect problem from my browser. My question is I also have a rule setup on the regular web pool (port 80 traffic) which is the following:when HTTP_REQUEST { log local0. "Host: [HTTP::host], URI: [HTTP::uri]" if { [HTTP::host] starts_with "felixlive.com" } { log local0. "host matched felixlive.com" HTTP::redirect "https://www.felixlive.com" } elseif { [HTTP::host] starts_with "www.felixlive.com" } { log local0. "host matched www.felixlive.com" HTTP::redirect "https://www.felixlive.com" } else { HTTP::redirect https://[HTTP::host][HTTP::uri] } }
Am I getting the redirect problem from this chunk in second ruleif { [HTTP::host] starts_with "felixlive.com" } { log local0. "host matched felixlive.com" HTTP::redirect "https://www.felixlive.com"
or is there something else that I'm missing?- Jacob_Becker_41Actually the more I'm digging through this the more I'm realizing that it is a problem with how the cert is setup. Thanks!!!
- If by "redirect problem from my browser" you mean the cert warning, and the cert is for www.felixlive.com, then yes, that is the problem for the rule applied to the HTTPS virtual.
- Jacob_Becker_41Actually I got that error from I'm assuming apache. With that rule applied in parallel with the other rule it would halt my ability to get to the website at all when I entered in the web address https://felixlive.com . Thats why I was wondering if I had a conflict with the other rule perhaps.
