Redirect from HTTP to HTTPS if SSL Profile exists on the HTTPS virtual server

Question

We have several load balancers configured on this F5 using the following irule:&nbsp;
when HTTP_REQUEST { 
  switch -glob [HTTP::uri] { 
    "Redacted URI" { return }
    "Redacted URI" { return }
    "Redacted URI" { return }
    "Redacted URI" { return }
    "Redacted URI" { return }
    default { HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri] }
  } 
}&nbsp;
This is applied to the HTTP Virtual server which successfully redirects all incoming requests that are HTTP to the HTTPS virtual server.&nbsp;
What we are needing now is a way to exempt the above from happening in the event that the virtual server with all of the ssl profiles does not actually have an SSL profile for the requested URI.&nbsp;
Outside of writing in an exemption for each URI, is there a way to look at the virtual server and verify the incoming URI does or does not have an ssl profile applied on the other virtual server?&nbsp;

bennoonan_35173 · Answer

I believe this may work: 
when HTTP_REQUEST { 
if { [SSL::mode] == 0} { HTTP::redirect http://[HTTP::host][HTTP::uri]}
}

ben_noonan · Answer

I believe this may work: 
when HTTP_REQUEST { 
if { [SSL::mode] == 0} { HTTP::redirect http://[HTTP::host][HTTP::uri]}
}

ravier_356281 · Answer

I'm not sure that's what I'm looking for.&nbsp;
I already have the redirect working for everything that is http to be redirected as HTTPS.&nbsp;
What I need now is basically an exemption mechanism where if the request comes in, and there's no SSL profile for that URL, then to let it go through as HTTP.&nbsp;

ravier_356281 · Answer

I'm not sure that's what I'm looking for.&nbsp;
I already have the redirect working for everything that is http to be redirected as HTTPS.&nbsp;
What I need now is basically an exemption mechanism where if the request comes in, and there's no SSL profile for that URL, then to let it go through as HTTP.&nbsp;

ravier_356281 · Answer

Is there like a:&nbsp;
if URI match Profile redirect&nbsp;
else return&nbsp;

Forum Discussion

Redirect from HTTP to HTTPS if SSL Profile exists on the HTTPS virtual server

6 Replies

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

Scenarios where Service Policy should be used over iRule and Vice versa

Issue on connection limit

Request logging: some fields not recorded

ASM Sec-CH-UA-Full-Version-List backquote in Header

F5 Distributed Cloud Services Simulator Connect

Related Content

iControl REST Cookbook - Virtual Server Profile (LTM Virtual Profiles)

Capture Virtual Server Clientssl Profile & Ciphers Mapping - Bash

iControl REST Cookbook - Virtual Server (ltm virtual)

F5 BIG-IP Advanced WAF – DOS profile configuration options.

F5 Distributed Cloud: Virtual Sites - Regional Edge (RE)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS