Forum Discussion
Cody_Conklin_17
Nimbostratus
NimbostratusSimple HTTPS redirect
I have an HTTPS Virtual Server that is terminating SSL. I would also like to take the inbound https requests and append a specific webpage to it. For example, if the user sends a request to https://example.mycompany.com I would like a redirect to https://example.mycompany.com/login_page
I have turned on the http profile on the virtual server and attempted the following iRule, to no avail:
when HTTP_REQUEST {
if { [HTTP::uri] equals "https://example.mycompany.com/" } {
HTTP::redirect https://example.mycompany.com/login_page }
}
Any assistance would be greatly appreciated.
5 Replies
- JRahm
Admin
Try this (untested!):when HTTP_REQUEST { if { [HTTP::host] equals "example.mycompany.com" } { HTTP::redirect https://example.mycompany.com/login_page } } 
Cody_Conklin_17Thanks for your help.
Unfortunately, now I seem to hit a URL redirect limit. Looks like a loop exists since the redirect https://example.mycompany.com/login_page contains the first condition to match against example.mycompany.com
Thankfully this isn't in production yet, so I can make adjustments to the iRules without much concern for taking the environment down.- Yeah, that will cause an infinite loop as each request will have the host example.mycompany.com and it will match the if every time. You'll want to put an additional check in there that you'll guaranteed won't get called consecutively.
I'm assuming that you will want to redirect to the login_page only if there is no uri specified.
BTW, in your first post you were puting the entire "url" in comparison with the "uri". The "uri" is the trailing path behind the hostname starting with a slashURL = http://example.mycompany.com/login_page
HTTP::host = example.mycompany.com
HTTP::uri = /login_page
This should get you going:when HTTP_REQUEST { if { [HTTP::host] equals "example.mycompany.com" } { if { [HTTP::uri] equals "" or [HTTP::uri] equals "/" } { HTTP::redirect https://example.mycompany.com/login_page } } }
If you don't want to do a full redirect, you can always use the "HTTP::uri" command to change the uri. This won't show up on the client's browser but it will direct them to the login_page (this can allow you to "hide" certain paths that you don't want publicly exposed.)when HTTP_REQUEST { if { [HTTP::host] equals "example.mycompany.com" } { if { [HTTP::uri] equals "" or [HTTP::uri] equals "/" } { HTTP::uri "/login_page" } } }
So now the following requests
https://example.mycompany.com
https://example.mycompany.com/
will get redirected (or forwarded) to
https://example.mycompany.com/login_page
-Joe - Cody_Conklin_17As expected, that works perfectly. Thanks so much for your help!
- One way to optimize this rule would be to remove the check for the host. If all traffic on the virtual is going through example.mycompany.com, then the first if is overkill. You might say it's just one string compare, but for 1000's of connections it can add up.
when HTTP_REQUEST { if { [HTTP::uri] equals "" or [HTTP::uri] equals "/" } { HTTP::redirect https://example.mycompany.com/login_page } }
Another alternative to doing two string comparisons would be to do a single string length command and test for a length less than or equal to 1. If there is a uri it is either empty or starting with a slash.when HTTP_REQUEST { if { [ string length [HTTP::uri] ] <= 1 } { HTTP::redirect https://example.mycompany.com/login_page } }
If you wanted to dig a little deeper, then you could try using the "string index" command testing for the 3rd character. If it is empty, then you know there is no trailing portion on the uri.when HTTP_REQUEST { if { [ string index [HTTP::uri] 2 ] equals "" } { HTTP::redirect https://example.mycompany.com/login_page } }
I'll leave it to unRuleY to check which one is more optimal.
*Note, I haven't tested these so you might want to give each a run through to see which works.
If you are running multiple hosts on this virtual then you might want to leave in the host comparison.
-Joe
