Nimbostratus
CirrostratusHi,
If you are handling both HTTP and HTTPS traffic, you should configure 2 Virtual servers. One listening on port 80 and the other listening on 443.
If you want to redirect on both http and https, you have apply iRule on both the Virtual Servers.
Here is are two examples::
For temporary redirect::
when HTTP_REQUEST {
if { [string tolower [HTTP::host]] contains "/random/stuff" } {
HTTP::redirect "https://abc.mydomain.com[HTTP::uri]"
}
}For permanent redirect:
when HTTP_REQUEST {
if { [string tolower [HTTP::host]] contains "/random/stuff" } {
HTTP::respond 301 Location "https://abc.mydomain.com[HTTP::uri]"
}
}Hope this helps,
Nag
NimbostratusHi NAG, thank you for the quick response. I should have mentioned that there are separate virtual servers for 80 and 443 and the rule had been applied to each VS separately.
I left original irule attached to the port 80 vs as it was working as desired, I've applied your recommended permanent redirect to the 443 VS and attempted a few changes but the redirect does not appear to be firing, I'm going to set up logging to see what is causing this behavior.
WG
CirrostratusOn the HTTPS VS, are you terminating the client side SSL connection on F5 or is it between Client and the back-end pool member ?
For F5 to parse HTTP traffic, you should terminate client side SSL connection on F5.
May be you are are aware of this but I just want to make sure you have looked it as well.
NimbostratusHi NAG
In response to your comment on client side SSL, we are terminating the client side SSL connection on the F5.
I came across an article regarding an https rewrite redirect profile which I'm following up on this morning.
https://devcentral.f5.com/s/articles/rewriting-redirects
I've associated the rewrite/redirect profile to the VS and am working on a new iRule to handle the rewrite.