LTM Policy Recipes II
This is another short article in an irregular series demonstrating some practical recipes using LTM Policy. Please also check out another article with a more complete overview of LTM Policy.
Forcing SSL connections
In today’s security conscious world, end users and service providers will frequently want sensitive information to be exchanged over an encrypted connection. Here is a simple policy that you could place on an unencrypted HTTP virtual server, which sends a redirect to a secure version of the same URL.
Task | Configuration |
Demostrates http-reply functionality, and use of Tcl expansions to access full URI. |
ltm policy /Common/force-ssl { |
Rewrite URI without issuing a redirect
Sometimes you want to rewrite a URI straightaway, without redirecting the client and incurring the overhead of an additional round-trip request/response cycle. Here is one way to do this using LTM Policy.
Task | Configuration |
Detect when a user is trying to access a private part of a site and direct the connection to the public part of the site. |
ltm policy /Common/rewrite-uri { |
Prevent other sites from using images
Some third party sites will try to “deep link” to images or other content on your site, so that they can use your content but not have to host it. Here is one idea of how you can manage this situation using an LTM Policy which inspects the HTTP request’s Referer: header.
Task | Configuration |
Detect when a request for image types (jpg, gif, or png) is coming from somewhere other than mydomain.com, and serve up a replacement image. |
ltm policy /Common/all-all { |