Forum Discussion

Cirrus

Dec 11, 2015

Is HTTP to HTTPS redirection Secure?

Hi All, I have configured http to HTTPS redirection in some of the urls but is this secure? The VS blindly forwards all the communications from http to https which can cause man in midle attck r...

Arie

Altostratus

Dec 11, 2015

By the way, any particular reason you're using

TCP::respond

instead of the more common

HTTP::respond

Using the latter the rule would look like this (some optimization added by removing the variable):

when HTTP_REQUEST {
     HTTP::respond 301 Location "https://[HTTP::host][HTTP::uri]"
}

Forum Discussion

Is HTTP to HTTPS redirection Secure?

Recent Discussions

Errors with AS3 3.56.0 with F5 17.5.1.6

F5 ASM/AWAF – violations logged but no learning suggestions generated

F5 VELOS Backplane Inter-Tenants Communication

migrate from serie I to R. Cluster LTM-GTM

Best Practice guide for enabling Attack signature In BIG-IP ASM

Related Content

F5 HTTPS Redirect 2025

HTTP Multipart and Security Implications

Quarterly Security Notification October 2025

(HTTP) Redirection via Arbitrary Host Header

HTTP To HTTPS Redirect 301