Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Host header injection iRule

Go to solution
PG0581
Cirrus
Cirrus

‎28-Apr-2022 11:57

I would like to create an iRule that whitelists based on the HTTP host header value, and if that matches redirect to HTTPS. 

Can someone confirm if what I have will work? 

 

 

ltm rule whitelist-http-host-header {
    when HTTP_REQUEST {
        if { [string tolower [HTTP::header values "Host"]] equals "abc.com"} {
            redirect to "HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]"
        } else {[HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"} 

        }
    }

 

 

 

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Enes_Afsin_Al
MVP
MVP

‎28-Apr-2022 12:18

Hi PG0581,

when HTTP_REQUEST {
	if { [HTTP::host] eq "abc.com" } {
		HTTP::redirect "https://abc.com[HTTP::uri]"
		return
	} else {
		HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"
	}
}

View solution in original post

0 Kudos
2 REPLIES 2

Go to solution
Enes_Afsin_Al
MVP
MVP

‎28-Apr-2022 12:18

Hi PG0581,

when HTTP_REQUEST {
	if { [HTTP::host] eq "abc.com" } {
		HTTP::redirect "https://abc.com[HTTP::uri]"
		return
	} else {
		HTTP::respond 400 content "Bad Request" "Content-Type" "text/html"
	}
}
0 Kudos

Go to solution
PG0581
Cirrus
Cirrus
In response to Enes_Afsin_Al

‎28-Apr-2022 12:35

Thanks very much @Enes_Afsin_Al 

0 Kudos
Copyright © 2023 Khoros, LLC