For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Aviv's avatar
Aviv
Icon for Cirrus rankCirrus
Jul 05, 2021

Low SSL ciphers Message to the Client

Hi Folks,
I have a vs that also an old clients with low ssl ciphers suite level Consume.
before i increase the ciphers suite i want to send a popup message to the client for a one month with some warnning that and old os will not work....
how can i do it?

Thanks,

Aviv

1 Reply

  • spalande's avatar
    spalande
    Icon for Nacreous rankNacreous
    Jul 05, 2021

    Please note, this iRule is not tested but to get you started you can use something like below. 

    when RULE_INIT {
set static::notification_page { 
<html>
<head>
<meta http-equiv="Refresh" content="10; url=https://www.site.com" />
</head>
<body><p><center>You are using old TLS settings. Please upgrade them to continue your access -<a href="https://www.site.com">You are being redirected to original site</a>.</center></p>
</body>
</html>
  }
}
 
when CLIENTSSL_HANDSHAKE {
    if { ( [SSL::cipher name] contains "RC4" ) }{
        set old_tls 1
    } else {
        set old_tls 0
    }
}
when HTTP_REQUEST {
    if { ($old_tls == 1) and (not [HTTP::cookie exists NotificationDone])} {  
        HTTP::respond 200 content [subst $static::notification_page] "Mime-Type" "text/html" "Set-Cookie" "NotificationDone=1; path=/; domain=[HTTP::host]"
        TCP::close
    } else {
         return
    }
}