Secure Site not working correctly

Question

Hi &nbsp;
I have a secure site that has the following at the bottom of the page..&nbsp;
"Only secure content is displayed"&nbsp;
is there a way on the F5 that i can remove this...&nbsp;

hooleylist · Answer

Hi Angelo, 
&nbsp;  
&nbsp; It sounds like the application is referencing itself over HTTP when being SSL proxied by LTM. If you want to avoid the client getting an insecure content warning, you'd want to rewrite the response headers and/or payload from http:// to https://. It would help to determine where the http:// reference is (in response headers and/or content). You can use a browser plugin like HttpFox for Firefox or Fiddler.  
&nbsp;  
&nbsp; Depending on the application, you might be able to configure it to reference itself using https://. If not, you should be able to use an iRule to rewrite the http:// references to https://.  
&nbsp;  
&nbsp; Aaron

Forum Discussion

Secure Site not working correctly

Recent Discussions

ip x-forwarding

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Related Content

F5 Security Podcasts

iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers

Certifications for security professionals

API security

Ensuring Security in Continuous Integration and Continuous Deployment (CI/CD) Pipelines

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS