Forum Discussion
https to https irule for redirection
Is it possible to create an Irule which can re-direct as below
https://url to https://url/url
When creating an irule on LB i have seen below default rule.. but not for https_request something
so for my case if I need https to https what should i use......
https://url will redirect when user open it with http.... but in this case if user open http://url it will only redirect to https://url not https://url/url or will it be?
when HTTP_REQUEST {
if { [HTTP::uri] contains "secure"} {
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
}
}
Hello,
So basically you want to redirect to specific URL with URI right ?
Mayur
- GajjiCirrostratus
yes .. ex
what i want is... https://upvote.com/answer/share should redirect to https://upvote.com/answer/donshare
when i open http://upvote.com/answer/share it will redirect to https://upvote.com/answer/share as of current setup
but if i add irule like
when HTTP_REQUEST {
if { ([HTTP::host] equals "upvote.com") and ([HTTP::uri] ends_with "/answer/share) } {
HTTP::redirect https://upvote.com/answer/donshare
will it work
- jonnyNimbostratus
Do not write a IRULE for this simple task. Even though this redirect will not truely tax the F5 by itself it will due to the nature of IRULES spin off anoher thread that is unneeded. The best way to handle this would be to use a LTP(Local traffic Policy). With any version after 11.x you can do this and it is best to use LTP if you uare not doing heavy content manipulation. I am leaving you a link to review and assist in creating a simple
Furthermore there are built in irules fresh out of the box that you can use, rather than creating your own. If you navigate to local traffic/irules and then look at the irules that begin with _sys you should find one that is for http_to_https redirects and it should look something like this:
when HTTP_REQUEST {
HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
}
- GajjiCirrostratus
what i want is... https://upvote.com/answer/share should redirect to https://upvote.com/answer/donshare
when i open http://upvote.com/answer/share it will redirect to https://upvote.com/answer/share as of current setup
You can try it, else you can even try below iRule.
when HTTP_REQUEST {
if { [HTTP::host] contains "abc.com" and [HTTP::path] eq "/home" } {
HTTP::redirect "/home2"
return
}
}
Hope it helps!
Mayur
- Margaret212Nimbostratus
To redirect traffic from HTTP to HTTPS using an iRule in an F5 BIG-IP load balancer, you can create a simple iRule that performs the redirection. Here's an example of how the iRule can be configured:
tclCopy codewhen HTTP_REQUEST { if { ![HTTP::is-secure] } { HTTP::respond 301 Location "https://[HTTP::host][HTTP::uri]" } }In this iRule, the HTTP_REQUEST event is triggered when an HTTP request is received. The if statement checks if the request is not already secure (i.e., not HTTPS). If it's not secure, the HTTP::respond command is used to issue a 301 (Permanent Redirect) response with the Location header set to the corresponding HTTPS URL.
To apply this iRule to your virtual server, follow these steps:
- Access the BIG-IP configuration utility.
- Navigate to Local Traffic > Virtual Servers and select the appropriate virtual server.
- In the Configuration section, locate the iRules field and click the Add button.
- Enter the name of the iRule you created (e.g., http-to-https) and click Add.
- Save the changes and test the configuration.
Make sure to replace [HTTP::host] with the appropriate variable that represents the host name or domain in your environment.
This iRule will redirect any incoming HTTP requests to the corresponding HTTPS URL. It's essential to have the necessary SSL/TLS configuration in place to handle the incoming HTTPS requests on the virtual server.
Remember to thoroughly test the iRule in your specific environment before applying it to production systems. MyPennMedicine
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com