Forum Discussion
Local Traffic Policy to Redirect Based on Hostname
Hello Community,
I hope someone can point me in the right direction.
We are in the process of migrating our web applications to a new portal system. I need to redirect the client to the new URL, but I don't want the client to see the redirection. I think this is similar to the ProxyPass iRule, but I would like to do this through traffic policies instead of an iRule.
Here is an example of the application I am trying to redirect.
https://application-a.domain.com/ -> https://portal.internal.domain.local/application-a
I have a traffic policy to rewrite the hostname and URI path that seems to be working correctly, but the server returns a 302 redirection to https://portal.internal.domain.local/application-a. I've been banging my head against a wall trying to figure out how to replace https://portal.internal.domain.local/application-a with https://application-a.domain.com/. I've tried adding a rule to replace portal.internal.domain.local with application-a.domain.com in the HTTP header Location path, but that does not seem to do anything.
Here is the full policy...
ltm policy /Common/Test_Policy {
requires { http }
rules {
Test_Rule1 {
actions {
0 {
http-host
replace
value portal.internal.domain.local
}
1 {
http-uri
replace
path "tcl:[string map { / /application-a/ } [HTTP::uri]]"
}
2 {
http-header
response
replace
name Location
value "[string map {portal.internal.domain.local application-a.domain.com} [HTTP::header Location]]"
}
}
conditions {
0 {
http-host
host
values { application-a.domain.com }
}
}
}
}
strategy /Common/first-match
}
And here is the client side redirect from Wireshark.
HTTP/1.1 302 Found
Date: Thu, 03 Sep 2020 13:50:48 GMT
Server: Apache/2.4.38 (Debian)
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
X-Powered-By: PHP/7.3.18
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-cGxGUVVWczZMM3E2S0pScEh0V0dmeDd4cHVVU2QrbjhZUjREaXAvWTlMWT06alFBWkN6RVBXQVA0WXRVZFNKdjBWRk9UbHRVblQ2YVpOMnhBd3ZYeng1az0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Location: https://portal.internal.domain.local/application-a/index.php/login
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Thanks for any assistance.
Brian Burns
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com