For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Hannes_Rapp's avatar
Hannes_Rapp
Icon for Nimbostratus rankNimbostratus
Oct 15, 2014
Using the solution above user won't see the remapped URI in the browser bar, this is a silent method as the header replacement happens in F5 without user's having any awareness of the modifications made.

As it's a redirect to another service (from HTTP to HTTPS), you might be better off trying something as follows:

when HTTP_REQUEST {

 if {[HTTP::host] contains "timesheet"} {
   HTTP::respond 302 Location "https://[HTTP::host]/wfc/navigator/logonWithUID"
   event disable all
   TCP::close
   log local0.info "Redirected [IP::client_addr] to https://[HTTP::host]/wfc/navigator/logonWithUID"
   }
 }

Also, can you please provide outputs from the commands below:

 1) (From any device besides F5) curl -vI https://your-service.com
 2) (From F5) curl -vI http://pool-member:xxxx
Hannes_Rapp's avatar
Hannes_Rapp
Icon for Nimbostratus rankNimbostratus
Oct 15, 2014
Perhaps the server responds back with a redirect from HTTPS location to a HTTP location? E.g. - F5 redirects to: https://uslv-timesheet-test.xxxxx.com/wfc/navigator/logonWithUID - Server redirects to http://whatever - F5 redirects to: https://uslv-timesheet-test.xxxxx.com/wfc/navigator/logonWithUID - Server redirects to http://whatever ... You can test that with a "firebug" add-on (Firefox) or developer tools (Chrome) Alternatively, you can use the cURL method I suggested (requires UNIX/Linux OS): "curl -vI https://uslv-timesheet-test.xxxxx.com/wfc/navigator/logonWithUID" (paste all output here)