cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

irule redirect to new site for http and https traffic

wg
Nimbostratus
Nimbostratus

I need to create an irule to redirect traffic to a new site for both http and https.

My current rule is only working for http traffic, could use a hand on this as I don't have much experience with irule creation.

 

redirect traffic from 123.mydomain.com/random/stuff > abc.mydomain.com/random/stuff

current rule:

when HTTP_REQUEST { 

 if { [HTTP::uri] contains "/random/stuff/" } { 

  [HTTP::redirect "https://abc.mydomain.com[HTTP::uri]"

]

 }

}

 

 

 

4 REPLIES 4

NAG
Cirrostratus
Cirrostratus

Hi,

 

If you are handling both HTTP and HTTPS traffic, you should configure 2 Virtual servers. One listening on port 80 and the other listening on 443.

 

If you want to redirect on both http and https, you have apply iRule on both the Virtual Servers.

 

Here is are two examples::

 

For temporary redirect::

when HTTP_REQUEST { if { [string tolower [HTTP::host]] contains "/random/stuff" } { HTTP::redirect "https://abc.mydomain.com[HTTP::uri]" } }

For permanent redirect:

when HTTP_REQUEST { if { [string tolower [HTTP::host]] contains "/random/stuff" } { HTTP::respond 301 Location "https://abc.mydomain.com[HTTP::uri]" } }

 

Hope this helps,

Nag

 

 

wg
Nimbostratus
Nimbostratus

​Hi NAG,  thank you for the quick response.  I should have mentioned that there are separate virtual servers for 80 and 443 and the rule had been applied to each VS separately.

 

I left original irule attached to the port 80 vs as it was working as desired, I've applied your recommended permanent redirect to the 443 VS and attempted a few changes but the redirect does not appear to be firing, I'm going to set up logging to see what is causing this behavior.

 

WG

NAG
Cirrostratus
Cirrostratus

On the HTTPS VS, are you terminating the client side SSL connection on F5 or is it between Client and the back-end pool member ?

 

For F5 to parse HTTP traffic, you should terminate client side SSL connection on F5.

 

May be you are are aware of this but I just want to make sure you have looked it as well.

wg
Nimbostratus
Nimbostratus

Hi NAG

In response to your comment on client side SSL, we are terminating the client side SSL connection on the F5.

 

I came across an article regarding an https rewrite redirect profile which I'm following up on this morning.

 

https://devcentral.f5.com/s/articles/rewriting-redirects

 

I've associated the rewrite/redirect profile to the VS and am working on a new iRule to handle the rewrite.