iRule redirection with filter ... ?

little update additional url: - abcwebsite.com going to HTTP VIP will not be redirected to HTTPS vip - (with special sign) äbcwebsite.com going to HTTP VIP will not be redirected to HTTPS vip So there will be 2 www with no redirection to https .

i found something like that but can someone help me with this and confirm it is ok or  correct it please ? 🙂  

when HTTP_REQUEST {
    switch [string tolower [HTTP::host]] {
        "abcwebsite.com" {
            HTTP::respond 301 Location "http://abcwebsite.com[HTTP::uri]"
        }
        "äbcwebsite.com" {
            HTTP::respond 301 Location "http://äbcwebsite.com[HTTP::uri]"
        }
        "abcwebsite.new.com" {
            HTTP::respond 301 Location "https://abcwebsite.new.com[HTTP::uri]"
        }
    }
}

2nd one ******************************************

when HTTP_REQUEST {
    if { [string tolower [HTTP::host]] equals "abcwebsite.com" } {
        HTTP::respond 301 Location "http://abcwebsite.com[HTTP::uri]"
    } elseif { [string tolower [HTTP::host]] equals "äbcwebsite.com" } {
        HTTP::respond 301 Location "http://äbcwebsite.com[HTTP::uri]"
    } else {
    HTTP::redirect https://[HTTP::host][HTTP::uri]"
    }
}

There are a couple of issues with your example iRule, so let's have a look at it:

when HTTP_REQUEST {
    switch [string tolower [HTTP::host]] {
        "abcwebsite.com" {
            HTTP::respond 301 Location "http://abcwebsite.com[HTTP::uri]"
        }
        "äbcwebsite.com" {
            HTTP::respond 301 Location "http://äbcwebsite.com[HTTP::uri]"
        }
        "abcwebsite.new.com" {
            HTTP::respond 301 Location "https://abcwebsite.new.com[HTTP::uri]"
        }
    }
}

The first case, abcwebsite.com will create an infinite redirect loop, since when you redirect to abcwebsite.com[HTTP::uri] you will match that again and redirect again, and again and...

To solve this you simple don't redirect at all. The idea is that if HTTP:host returns abcwebsite.com that traffic should be sent through to the servers, right? So it would look like this:

"abcwebsite.com" {
    pool abcwebsite.com_pool
}

Or whatever your pool might be named for the application.

The second case, with äbcwebsite.com, this is actually not what the BIG-IP will see. Unless something has changed since last I looked at this, those characters aren't actually "allowed" so while you can register a name with special characters, the browser will encode those characters according to a specific method, and that's what will be sent in the host header. So the name will have to be encoded with an IDN converter and then you'll get this: xn--bcwebsite-u2a.com. Again, the example would create an infinite redirect loop so just send that to a pool as well.

The third one though is perfectly fine.

So that gives us something like this:

when HTTP_REQUEST {
    switch [string tolower [HTTP::host]] {
        "abcwebsite.com" {
            pool abcwebsite.com_pool
        }
        "xn--bcwebsite-u2a.com" {
            pool aumlbcwebsite.com_pool
        }
        "abcwebsite.new.com" {
            HTTP::respond 301 Location "https://abcwebsite.new.com[HTTP::uri]"
        }
    }
}

The correct pool names has to be inserted of course.

Hello slesh,

You can resolve this by configuring :

1) A VS vip_abcwebsite.new.com_https listening on port 443

2) A VS vip_abcwebsite.com_http listening on port 80 with the irule that redirects traffic from http to https for abcwebsite.new.com and do nothing (accept traffic) for abcwebsite.com

when HTTP_REQUEST { 
if {  [string tolower [HTTP::host]] equals "abcwebsite.new.com"   } {
  HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
  } elseif { [string tolower [HTTP::host]] equals "abcwebsite.com" } {
  do nothing
  } else {
  reject the traffic if using other hostname (optional)
  reject
}
}

In this manner all traffic going to abcwebsite.new.com will be in https and all traffic going to abcwebsite.com will be in http...

Hope that it helps

regards