For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

deni_22991's avatar
deni_22991
Icon for Nimbostratus rankNimbostratus
Jan 04, 2011

redirect to https multiple uri's while letting others pass through

I am trying to create an iRule that will force ssl on specific multiple URI's under a specific host while letting those that do not need SSL to pass through. I am working on BIG-IP 9.4.7 Build 320.1 ...
application delivery
dev
devops
iRules
deni_22991's avatar
deni_22991
Icon for Nimbostratus rankNimbostratus
Jan 05, 2011
Well, we thought we had it working. This is what the iRule actually says

 

when HTTP_REQUEST

 

{ if { [HTTP::host] equals "appsf5.com" }{

 

if { [HTTP::uri] starts_with "/applications/app1" }

 

{ HTTP::redirect "https://[HTTP::host]/applications/app1/logon.aspx" }

 

elseif { [HTTP::uri] starts_with "/applications/app2" }

 

{ HTTP::redirect "https://[HTTP::host]/applications/app2/login.asp" }

 

elseif { [HTTP::uri] starts_with "/applications/app3" }

 

{ HTTP::redirect "https://[HTTP::host]/applications/app3/login.asp" }

 

elseif { [HTTP::uri] starts_with "/applications/app4" }

 

{ HTTP::redirect "https://[HTTP::host][HTTP::uri]" }

 

else {HTTP::request}

 

}

 

}

 

 

It will either work if we use the applications that require SSL, but will not work if it should be a non-SSL application. We have tried making it a http:profile protocol, but with the specific pages we need to redirect to, this will not work.

 

We have also tried using HTTP::redirect "http://[HTTP::host][HTTP::uri]", which also had mixed results. It would work sometimes and other times we receive a message, The page cannot be displayed

 

You have attempted to execute a CGI, ISAPI, or other executable program from a directory that does not allow programs to be executed.