Forum Discussion

katekattar_4936's avatar
katekattar_4936
Icon for Nimbostratus rankNimbostratus
Jun 01, 2009

irule SSL Redirect

Hi All,

 

I have a fairly simple irule to write but can only get half of it correct. I want to send all traffic to a certain URI to HTTPS as well as ensuring all other uri's are not accessed using HTTPS. I have this so far:

 

when HTTP_REQUEST {

 

if { [HTTP::uri] equals "/paymentoptionshome/payments" } {

 

HTTP::redirect https://blahblah.com/paymentoptionshome/payments

 

}

 

}

 

This works but leaves the session in SSL. I need to be able to add something like:

 

when HTTPS_REQUEST {

 

if { [HTTPS::uri] !equal "/paymentoptionshome/payments" } {

 

HTTP::redirect http://[HTTP::host]/[HTTP::uri]

 

}

 

}

 

I do need the first part to be a little more specific, ie. any uri below /paymentoptionshome/payments, perhaps "/paymentoptionshome/payments*" will work.

 

Any ideas?

 

Thanks in advance.

 

Kind Regards

 

Kate
application delivery
dev
devops
iRules
  • Colin_Walker_12's avatar
    Colin_Walker_12
    Historic F5 Account
    Jun 01, 2009
    So you want to redirect them if their URI starts with that string, and then force redirect them back if it doesn't?

    So it sounds like what you're looking for is: 

     
 when HTTP_REQUEST { 
   if { [HTTP::uri] starts_with "/paymentoptionshome/payments" } { 
     HTTP::redirect "https://[HTTP::host][HTTP::uri]" 
   } elseif { (!( [HTTP::uri] starts_with "/paymentoptionshome/payments")) and ([TCP::local_port] == 443) } { 
     HTTP::redirect "http://[HTTP::host][HTTP::uri]" 
   } 
 }

    Colin
  • katekattar_4936's avatar
    katekattar_4936
    Icon for Nimbostratus rankNimbostratus
    Jun 02, 2009
    Hi Colin, Thanks for your reply. It looks to be exactly what I want. Using your code, it redirects the traffic to HTTPS but it doesn't redirect it back to HTTP. The elseif clause isn't working.

     

     

    Any ideas?

     

     

    Thanks

     

    Kate