F5 HTTPS Redirect 2025
An updated HTTP to HTTPS redirect iRule for F5 BIG-IP that fixes the issues with the legacy redirect solution.
Employee
EmployeeGlobal Variable Scope and System-Wide Policy
My colleague and iRule expert code reviewer, Joseph Martin, pointed out an important implication for using RULE_INIT to set global variables. Variables defined in RULE_INIT are system-wide global, meaning they apply to all virtual servers with any iRule that references the same global variable names.
How Global Variables Work
When you set configuration values like ::redirect_code, ::security_headers_enabled, or ::port_mapping in RULE_INIT, these settings apply to every virtual server where this iRule is attached. This provides:
- Consistent redirect behavior across all applications
- Single configuration point for security headers
- Uniform port mapping rules
Considerations for Variable Customization
Since RULE_INIT variables share the global namespace across all iRules and virtual servers, any iRule that sets a variable with the same name will override the previous value system-wide.
If you need different configurations for specific virtual servers (such as selective debug logging, custom port mappings, or unique security headers), consider these approaches:
- Separate iRules - Create modified versions with different global variable values
- Runtime conditions - Add logic in HTTP_REQUEST to check the virtual server name or other criteria
- Local variable overrides - Use local variables within events to override global settings for specific requests
The global scope ensures consistent policy enforcement while allowing customization through standard iRule techniques when needed.