Forum Discussion

Nimbostratus

Mar 17, 2010

iRule multiple redirect/respond invocations not allowed

Hi all, There is a rule which is sending these messages to the logs, although the rule it's redirecting correctly. Nevertheless I have reports that some people visit the web page with "...

Cirrostratus

Mar 18, 2010

If someone makes a request to http://vip:443 they could make an unencrypted HTTP request to an HTTPS VIP. But the port would always be 443.

If you want to gracefully handle HTTP requests to an HTTPS VIP, you can enable non-SSL connections on the client SSL profile and then use an iRule like this:

 
  http://devcentral.f5.com/wiki/default.aspx/iRules/Redirect_non_ssl_requests_on_ssl_vs_rule.html 
  
 when HTTP_REQUEST {  
  
     Check if the client used an SSL cipher  
    if {not ([catch {SSL::cipher version} result]) && $result ne "none"}{  
  
        Client did use a cipher  
       log local0. "\$result: $result. Allowing encrypted request."  
  
       if {[HTTP::path] eq "/"}{ 
          HTTP::redirect "https://[getfield [HTTP::host] : 1]/Login.jsp" 
       } 
  
    } else {  
  
        Client did not use a cipher  
       log local0. "\$result: $result. Redirecting unencrypted request."  
       HTTP::redirect "https://[getfield [HTTP::host] : 1]/Login.jsp" 
    }  
 }

Aaron

Forum Discussion

iRule multiple redirect/respond invocations not allowed

Recent Discussions

AS3 Deployments (shared objects)

Inquiry on F5's Maintenance Mode Feature for Pool Members

F5Access | MacOS Sonoma

Ansible modules for F5OS

VPN fragmented IP packets dropped

Related Content

iRule error - Multiple redirect/respond invocations not allowed

detect prior http redirect or respond

F5 Distributed Cloud – Multiple custom certificates for HTTP/TCP LB

Multiple Kubernetes Clusters and Path-Based Routing with F5 Distributed Cloud

Multiple Port Load Balancing