Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Cody_Conklin_17's avatar
Cody_Conklin_17
Icon for Nimbostratus rankNimbostratus
Jul 29, 2005

Simple HTTPS redirect

I have an HTTPS Virtual Server that is terminating SSL. I would also like to take the inbound https requests and append a specific webpage to it. For example, if the user sends a request to https://...
application delivery
dev
devops
irules
Joe_Pruitt's avatar
Joe_Pruitt
Jul 29, 2005
Yeah, that will cause an infinite loop as each request will have the host example.mycompany.com and it will match the if every time. You'll want to put an additional check in there that you'll guaranteed won't get called consecutively.

I'm assuming that you will want to redirect to the login_page only if there is no uri specified.

BTW, in your first post you were puting the entire "url" in comparison with the "uri". The "uri" is the trailing path behind the hostname starting with a slash

URL = http://example.mycompany.com/login_page

HTTP::host = example.mycompany.com

HTTP::uri = /login_page

This should get you going:

when HTTP_REQUEST {
  if { [HTTP::host] equals "example.mycompany.com" } {
    if { [HTTP::uri] equals "" or [HTTP::uri] equals "/" } {
      HTTP::redirect https://example.mycompany.com/login_page
    }
  }
}

If you don't want to do a full redirect, you can always use the "HTTP::uri" command to change the uri. This won't show up on the client's browser but it will direct them to the login_page (this can allow you to "hide" certain paths that you don't want publicly exposed.)

when HTTP_REQUEST {
  if { [HTTP::host] equals "example.mycompany.com" } {
    if { [HTTP::uri] equals "" or [HTTP::uri] equals "/" } {
      HTTP::uri "/login_page"
    }
  }
}

So now the following requests

https://example.mycompany.com

https://example.mycompany.com/

will get redirected (or forwarded) to

https://example.mycompany.com/login_page

-Joe