Forum Discussion

Cirrus

Dec 11, 2015

Is HTTP to HTTPS redirection Secure?

Hi All, I have configured http to HTTPS redirection in some of the urls but is this secure? The VS blindly forwards all the communications from http to https which can cause man in midle attck r...

Altostratus

Dec 11, 2015

By the way, any particular reason you're using

TCP::respond

instead of the more common

HTTP::respond

Using the latter the rule would look like this (some optimization added by removing the variable):

when HTTP_REQUEST {
     HTTP::respond 301 Location "https://[HTTP::host][HTTP::uri]"
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Is HTTP to HTTPS redirection Secure?

F5 Academy at AppWorld 2026

Kostas Injeyan - October 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

SSL Offloading and Backend pool https

Terraform AS3 code for GTM Only.

Behavior of masterkey on rSeries

Azure F5 deployed using marketplace is unable to ping backend server

f5 client certificate forwarding

Related Content

F5 HTTPS Redirect 2025

Quarterly Security Notification October 2025

HTTP Multipart and Security Implications

(HTTP) Redirection via Arbitrary Host Header

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS