Forum Discussion
Pete_Paiva_7147
Nimbostratus
NimbostratusHTTPS redirect
Hi all,
Is there an iRule equivalent to this but for HTTPS?
when HTTP_REQUEST {
HTTP::redirect https://www.mysite.com
7 Replies
- Kevin_Stewart
Employee
The (S) in HTTPS is the protocol layer specification for HTTP wrapped in SSL. When you unwrap and remove the SSL, it's the same HTTP inside. So the iRule code wouldn't necessarily change. The only caveat in dealing with HTTPS traffic, if you want to write HTTP iRules for it, is that you have to first decrypt it with a client SSL profile. 
eanderson6_2759when HTTP_REQUEST {
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
}
Elias_O_16228We have SSL cert on our website (www.abc.com) but cannot access it by typing https://www.abc.com on browser except from inside the main page. It is only when you click the secured webform link inside the page, which would become https://www.abc.com/form/siet/bra
Some customers would want attempt to go directly to the secured form which would not work rather prompt them for username/password.
I want to redirect so that if customers type https://www.abc.com, it will redirected them to http://www.abc.com
Would this work the trick?
when HTTP_REQUEST {
HTTPS::redirect "http://[HTTP::host][HTTP::uri]"
}
I have two VIPs (http and https). In order not to mess up the inside page secured form link, I am confused on which VIP to apply this redirect (http VIP or https VIP).- Kevin_StewartWell, it would still be HTTP::redirect as before, and you'd apply this to your HTTPS VIP, but then how would you ever access the https content?
- Elias_O_16228
I want to still be able to access the https contents.
I want to redirect only the hostname https://www.abc.com to ---> http://www.abc.com if you type https://www.abc.com you will be redirected to http://www.abc.com
In this case, https contents can still be access because the link is different --->https://www.abc.com/xxx/sss/ssse/ or whatever - Kevin_StewartThe above iRule is a "catch all". Without any conditions, it will redirect any request to the HTTPS VIP regardless of the host or URI values. So a call to https://www.abc.com/form/siet/bra will just get redirected to http://www.abc.com/form/siet/bra. In order to be able to access ANY HTTPS content, you need some form of conditional evaluation in your iRule logic. For example, to only allow access to /form/siet/bra content on the HTTPS VIP, and redirect everything else, you might use an iRule like this on your HTTPS VIP:
when HTTP_REQUEST { if { not ( [string tolower [HTTP::uri]] starts_with "/form/siet/bra" ) } { HTTP::redirect "http://[HTTP::host][HTTP::uri]" } } - Elias_O_16228Thanks Kevin,
To resolve this, the developer decided to create another page with index that will redirect users to http://www.abc.com when https://www.abc.com is typed on the browser.
He came up with this idea because I asked him to provide me all the SSL contents form request links. He was like what? that will be a lot and each time a new link in added will need to provide it and change will be made on irule.
That made my life a little easier.
Again, thanks.
