For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Jason_Andres_40's avatar
Jason_Andres_40
Icon for Nimbostratus rankNimbostratus
19 years ago

switch http to https if header contains "SSL" =1

I'm trying to create an iRule to switch HTTP to HTTPS if the HEADER contains SSL=1.

 

 

In our coldfusion code we insert in the the Header the name SSL with a value of 1 when someone clicks through to a page that requires SSL. If the page doesn't require SSL then the Header doesn't have the name SSL.

 

 

 

Rule to run on HTTP VS

 

 

when HTTP_RESPONSE {

 

if { [HTTP::header "SSL"] == 1 } {

 

if { [TCP::local_port] == 80 } {

 

HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]

 

}

 

}

 

 

 

 

Rule to run on HTTPS VS

 

 

when HTTP_RESPONSE {

 

if { [HTTP::header "SSL"] <> 1 } {

 

if { [TCP::local_port] == 443 }} {

 

HTTPS::redirect http://[getfield [HTTP::host] ":" 1][HTTP::uri]

 

}

 

}

 

application delivery
dev
devops
iRules

3 Replies

  • Colin_Walker_12's avatar
    Colin_Walker_12
    Historic F5 Account
    19 years ago
    I'm not sure you'd need the second rule if you're only trying to redirect to SSL , but the first one looks sound.

     

     

    Is there a question or problem here?

     

     

    Colin
  • Jason_Andres_40's avatar
    Jason_Andres_40
    Icon for Nimbostratus rankNimbostratus
    19 years ago
    I'm using the editor with this code and I can't save it, the editor list errors in invalid arguments and missing {[}.

     

     

    I need the code on the HTTP VS to redirect back to HTTP when someone adds items to their cart after checking out they will redirect back to HTTP.

     

     

    We have code that does this on the server side but then we need to have ssl on client and server side.

     

     

    Are current setup we would require 2 Separate VS's and POOLS and 5 Node per website for 400+ sites.

     

     

  • Andy_Herrman_22's avatar
    Andy_Herrman_22
    Icon for Nimbostratus rankNimbostratus
    19 years ago
    Looks like you have one missing } in the first irule and a misplaced } in the second one.

    In the first one you have 5 "{" characters and only 4 "}" characters. You're not closing the "when" statement.

    In the second one you have a second "}" immediately after the second if's test. This should really be at the end.

    Here's what I came up with to fix it (there might still be problems, but this is what I found):

    
when HTTP_RESPONSE {
  if { [HTTP::header "SSL"] == 1 } {
    if { [TCP::local_port] == 80 } {
      HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
    }
  }
}
when HTTP_RESPONSE {
  if { [HTTP::header "SSL"] <> 1 } {
    if { [TCP::local_port] == 443 } {
      HTTPS::redirect http://[getfield [HTTP::host] ":" 1][HTTP::uri]
    }
  }
}