For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

george_burtz_31's avatar
george_burtz_31
Icon for Nimbostratus rankNimbostratus
Feb 02, 2005

requiring client SSL based on URI

Question about writing an iRule for v 903.     Our developers have created a web app that is listed as www.domain.com/folder. When you hit that site, IIS does a redirect to www.domain.com/...
application delivery
dev
devops
iRules
george_burtz_31's avatar
george_burtz_31
Icon for Nimbostratus rankNimbostratus
Feb 04, 2005
Thanks!!!! Adding the trailing / on the redirect did it. The original problem was that when the redirect happened, the SSL was not working. Here's the actual config in the box now.

 

 

The 2 V-servers

 

 

virtual TEST-V-SERVER-LACR {

 

destination 50.1.1.11:http

 

ip protocol tcp

 

profile https-redirect-test tcp

 

pool TEST-POOL-11

 

rule lacr-secure-redirect

 

}

 

virtual TEST-V-SERVER-LACR-SECURE {

 

destination 50.1.1.11:https

 

ip protocol tcp

 

profile landamcredit.com tcp

 

pool TEST-POOL-11

 

 

The iRule...

 

 

rule lacr-secure-redirect {

 

when HTTP_REQUEST {

 

if { [HTTP::uri] ends_with "/credit" } {

 

HTTP::redirect "https://www.lacr.com/credit-secured/"

 

log local0. "Connect from IP [IP::remote_addr] destined for [HTTP::uri] redirected to secured site"}

 

 

You referred to a command "redirect rewrite matching". That is not enabled now. How would that relate to this kind of situation?