Forum Discussion
DaveC_53879
Nimbostratus
May 29, 2012Marking server traffic secure
Hi, We have a pretty typical setup; most sites on the F5 support SSL between the client the F5, and some enforce SSL, but traffic between the F5 and the servers is not secure. Is there a way of mark the request sent to the server as secure so that it knows that the traffic is secure? Our developers have asked for this so that they can change the response behavior for http vs. https requests. Thanks in advance, again.
DaveC
- George_Watkins_Historic F5 AccountHi DaveC,
- DaveC_53879
Nimbostratus
Hi George, - Brian_69413
Nimbostratus
This is what we do on the HTTP and HTTPS virtuals respectively:when HTTP_REQUEST { if { [HTTP::header exists "HTTP_X_FORWARDED_PROTO"] }{ HTTP::header replace "HTTP_X_FORWARDED_PROTO" "http" } else { HTTP::header insert "HTTP_X_FORWARDED_PROTO" "http" } }
- Brian_69413
Nimbostratus
That looks nasty, sorry. For the HTTPS virtual:when HTTP_REQUEST { if { [HTTP::header exists "HTTP_X_FORWARDED_PROTO"] }{ HTTP::header replace "HTTP_X_FORWARDED_PROTO" "https" } else { HTTP::header insert "HTTP_X_FORWARDED_PROTO" "https" } }
- Brian_69413
Nimbostratus
For the HTTP virtual:when HTTP_REQUEST { if { [HTTP::header exists "HTTP_X_FORWARDED_PROTO"] }{ HTTP::header replace "HTTP_X_FORWARDED_PROTO" "http" } else { HTTP::header insert "HTTP_X_FORWARDED_PROTO" "http" } }
- DaveC_53879
Nimbostratus
I figured it out. It was really pretty easy. Just needed the time to think and investigate it. The rule below works correctly. Thanks for all the responses. - hoolio
Cirrostratus
You could also do this with a custom HTTP profile:ltm profile http IsSecureConnection_http { defaults-from http header-erase IsSecureConnection header-insert "IsSecureConnection: True" insert-xforwarded-for enabled }
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects