iRule to stop SSLv3 connections

The below iRule written by my team will stop all SSLv3 connections. If you are not using the SSL termination capabilities of your BIG-IP and instead are doing TCP load balancing, then the iRule will ...
Updated Mar 18, 2022
Version 2.0
application delivery
devops
iRules
security
RobertColbert's avatar
RobertColbert
Icon for Nimbostratus rankNimbostratus
Oct 24, 2014
If you want more control over what happens to the connection (i.e. redirect to another page) you could use something like this: [code] when HTTP_REQUEST { set cipherSuite [SSL::cipher version] if { $cipherSuite equals "SSLv3" } { log local0. "SSL3 connection detected from [IP::client_addr] for [virtual name]" HTTP::redirect http://noSSLv3/page.html TCP::close } } [/code]