For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

dw_888_212625's avatar
dw_888_212625
Icon for Nimbostratus rankNimbostratus
Nov 13, 2015

ssl offloaded, traffic showing redirect to http

ssl offloaded, traffic showing redirect to http if ssl is offloaded at the LTM, if client access to the website, https://somewebsite.com it is ok. if client access to https://somewebsite.com/more it ...
LTM
security
Amine_Kadimi's avatar
Amine_Kadimi
Icon for MVP rankMVP
Nov 16, 2015

Check if your backend server is redirecting from "/more" to "http://somewebsite.com/" thus redirecting to the http version no matter what the client has requested.

 

If this is the case, you have multiple options to chose from including:

 

  1. Rewrite 30x redirects as mentioned by Kevin or
  2. Reconfigure the redirection on the server so it redirects relatively from "/more" to "/" instead of the full http url. or
  3. Create a redirect vs on F5 that redirects from http to https and open port 80 on your firewall. You'll then have two redirects: first one is the one you mentioned which is done at the server level, then a second one that is performed by F5 to redirect again to https://somewebsite.com/

Regards,