Forum Discussion

afedden_1985's avatar
afedden_1985
Icon for Cirrus rankCirrus
Jan 23, 2014

if you want to redirect all HTTP to HTTPs for the VIP you could do this, it preserves the host and URI and tells them to come back using HTTPS.

 

when HTTP_REQUEST { HTTP::respond 301 Location "https://[HTTP::host][HTTP::uri]" }

 

OR

 

if you only needed to enforce specific URIs for a VIP to enforce HTTPS this works. This rule is applied to the HTTP VIP only and inspects the URI and looks into the external data group called SSLREQUIRED if a match is found a redirect is sent to the client, non matching URIs get passed as HTTP.

 

when HTTP_REQUEST { set uri_status [class match [string toupper [HTTP::uri]] starts_with SSLREQUIRED] if { $uri_status ne "0" } { HTTP::respond 301 Location "https://[HTTP::host][HTTP::uri]" } }

 

  • Jon_Singh's avatar
    Jon_Singh
    Icon for Altostratus rankAltostratus
    Jan 23, 2014
    I believe that the top solution would work for one part of the solution, the only issue I have is this: we have users that have bookmarked something like this: http://sysdev, this currently automatically redirects to http://sysdev.x.com/login.aspx we want it now to redirect to httpS://sysdev.x.com/login.aspx so I figured merging the two directives into one 1 irule would make sense hence why i thought of the original idea, would there be an easy way to merge the login redirect with your first solution?