Chris_Miller
May 01, 2011Altostratus
Modify HTTP Request to Clone Pool
We've been talking about this a bit internally but I thought I'd see if anyone on DC had any additional thoughts.
Situation - You must send traffic to your pool members over SSL while sending clear-text to your IDS. This is easy enough using the "virtual" command where your clone pool is attached to the first virtual (just client SSL profile) and your default pool is attached to your second virtual (listens on port 80, just has server ssl profile to encrypt traffic to pool.
Challenge - People post login credentials to your site and you don't want your IDS to see them as they'll be in clear-text. You still want to see the POST, but without a certain string of characters. You obviously need the original request to be sent to your default pool though so users are able to login.