For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Casey_Parman_24's avatar
Casey_Parman_24
Icon for Nimbostratus rankNimbostratus
Jan 11, 2016

iRule https redirection

Hello all, I'm new to the f5 world and I'm looking to create an irule for an HTTPS redirection. The main problem that I'm having is that three different FQDN's are used for the same site and redirec...
application delivery
BIG-IP
LTM
Arie's avatar
Arie
Icon for Altostratus rankAltostratus
Jan 11, 2016

You can change the request to the Origin Web Servers independent of the request from the client. To accomplish this you would can use HTTP::uri to change the request before it is handed to the back-end.

In your case you would end up with something like this:

HTTP::uri "/foo[HTTP::uri]"

However, since you are also required to force all traffic from port 80 to 443 you'll have to use a two-tier approach:

  1. Force all traffic to HTTPS. (on the VIP for port 80)
  2. Rewrite requests to the home page to include /foo/ (on the VIP for port 443)

Rule for Port 80 VIP:

 Permanently redirect HTTP to HTTPS

    when HTTP_REQUEST {

        HTTP::respond 301 Location "https://[HTTP::host][HTTP::uri]"

    }

Rule for Port 443 VIP:

 Rewrite requests for the home page to /foo/ (to the OWS only - no change to client URL)

when HTTP_REQUEST {

    if { [HTTP::path] eq "/" || [string tolower [HTTP::path]] eq "/index.php" } {

        HTTP::uri "/foo[HTTP::uri]"

    } 

}

Depending on the way the links are constructed on the resources on the OWS (HTML, JS, CSS, etc.) you may need to tweak this a bit to accommodate your specific situation.