Forum Discussion
Julian_Grunnell
Nimbostratus
NimbostratusiRule for adding a Header
Hi - I have an LTM that does client side SSL for a secure website. The website behind the LTM is also available on port 80. Some of the pages must only be avaiable via HTTPS, but at present you can get to them all via HTTP as well.
As this is a customers website at present I don't if this is 1 file or a hundred files. The iRule below I've used in the past to make sure a single redirect works.
when HTTP_REQUEST {
if { [HTTP::uri] == "/content/contact/contactus.aspx" }{
HTTP::redirect "https://[HTTP::host]/content/contact/contactus.aspx"
}
}
Can anyone provide an iRule that would work for multiple pages? Or suggest a way to maybe insert a Header for the HTTPS requests that the webserver can then read?
Thanks - Julian.
1 Reply
hoolioCirrostratus
Hello,
If the only logic you have to go on is a list of URIs that should only be accessible via HTTPS, you can add them to a datagroup (AKA class) and then use matchclass to see if the request should be redirected. The iRule wiki page for matchclass has some examples (Click here)
Note that the datagroup (class) is a separate object from the rule. I updated the wiki page with the following:
To redirect any request whose URI starts with any of the listed strings defined in the redirectURIs data group (class), first define the class (Local Traffic >> iRules >> Data Groups). This is how the object definition appears in the bigip.conf file:class redirectURIs { /my/application/directory /another/appdir /yet/another }
Now create a rule which references the class:when HTTP_REQUEST { if { [matchclass [HTTP::uri] starts_with $::redirectURIs] } { HTTP::redirect http://www.domain.com/unavailable.html } }
If you want to only use an exact match against the strings in the class, replace "starts_with" in your rule with "equals".
Aaron
