For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Nfordhk_66801's avatar
Nfordhk_66801
Icon for Nimbostratus rankNimbostratus
Aug 14, 2014
Solved

iRule redirect to HTTPS - Logical Error

Hi, I have a logical error in my iRule. We only want to encrypt specific URLs. We have a site that hosts multiple applications. Part One: http://websiteROOT/websiteA - websiteE redirect to their ...
application delivery
design
devops
irule
iRules
LTM
management
  • Cory_50405's avatar
    Cory_50405
    Aug 14, 2014

    Well, that elseif as it's currently written will never match because you're converting the host to lowercase and then attempting to match it against a string with upper case characters (websiteROOT). I realize this is a sanitized iRule, but I just wanted to raise this point in case that is your issue. Try this one:

    when HTTP_REQUEST {

if { [string tolower [HTTP::uri]] starts_with "/websiteA" } {
 pool pool_websiteA
} elseif { [string tolower [HTTP::uri]] starts_with "/websiteB" } {
 pool pool_websiteB
} elseif { [string tolower [HTTP::uri]] starts_with "/websiteC" } {
 pool pool_websiteC
} elseif { [string tolower [HTTP::uri]] starts_with "/websiteD" } {
 pool pool_websiteD
} elseif { [string tolower [HTTP::uri]] starts_with "/websiteE" } {
 pool pool_websiteE
}
 else {
  HTTP::redirect "https://[HTTP::host][HTTP::uri]"
 }
}
Cory_50405's avatar
Cory_50405
Icon for Noctilucent rankNoctilucent
Aug 14, 2014

It seems like your elseif looking for websiteROOT isn't necessary. The final else statement should catch it and redirect to HTTPS.

 

You only have this iRule applied to your port 80 virtual server, correct?

 

Nfordhk_66801's avatar
Nfordhk_66801
Icon for Nimbostratus rankNimbostratus
Aug 14, 2014
I completely agree with you, but it wasn't working so I tried to add it in to specify it. That is correct, it is applied to the HTTP server.