Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Redirect TLS 1.1/1.2 clients & Append the incoming URL to the redirect target

Go to solution
Mrwillbaclimon
Altocumulus
Altocumulus

‎01-Aug-2022 22:12

This is probably simpler than I'm trying to accomplish. I can't seem to get it working unfortunately. Any assistance would be appreciated.

Summary

  1. Goal is to trigger a redirect for TLS 1.1/1.2 clients and Append the incoming URL to the redirect
    (Testing out just the redirect first before I add more criteria)

Example

Inbound HTTPS Request 
https://abc.com/URIexample/abc/login?service=https%3A%2F%2website.domain.com

Redirect to HTTP(S) External Internet Site

https://xyz.com/random/random/warn.html?source=https://aaa.domainexample.com/blah/login?service=http...

Detail on redirect
 Redirect to ----> add "source="  AND append source URI adding

 

 

 


-Will
Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Mrwillbaclimon
Altocumulus
Altocumulus
In response to Mrwillbaclimon

‎11-Aug-2022 12:38

I added some if bypass statements and working very well!

 

Thanks again

equals "TLSv1" ) and (not ([HTTP::uri] contains "tlsWarnRedirected")) and (not([HTTP::header "User-Agent"] contains "customagent"))} {


-Will

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
Enes_Afsin_Al
MVP
MVP

‎02-Aug-2022 02:30

Hi Will,

Can you try this iRule?

when HTTP_REQUEST {
	if { [SSL::cipher version] equals "TLSv1.1" || [SSL::cipher version] equals "TLSv1.2" } {
		if { [HTTP::host] ne "xyz.com"} {
			HTTP::redirect https://xyz.com/random/random/warn.html?source=https://[HTTP::host][HTTP::uri]
			return
		}
	}
}

 

0 Kudos

Go to solution
Mrwillbaclimon
Altocumulus
Altocumulus
In response to Enes_Afsin_Al

‎02-Aug-2022 12:23

@Enes_Afsin_Al 

Thank you. I will test this in Dev shortly and respond with results.

Believe your right on point 🙂


-Will
0 Kudos

Go to solution
Mrwillbaclimon
Altocumulus
Altocumulus

‎04-Aug-2022 09:46

I did try it and it worked well...Thank you!

  • I modified "ne" statement with "starts with" 
  • Testing User-Agent if statements now

For example

 

if { ([HTTP::header "User-Agent"] contains "randomagentstring") and (not ([HTTP::header "User-Agent"] contains "random/7.0")) and (not ([HTTP::header "User-Agent"] contains "xyz")) and
(not ([HTTP::header "User-Agent"] contains "abc")) and (not ([HTTP::header "User-Agent"] contains "random2")) and (not ([HTTP::header "User-Agent"] contains "random3")) and
([HTTP::header "User-Agent"] contains "Build Version random") }{


-Will
0 Kudos

Go to solution
Mrwillbaclimon
Altocumulus
Altocumulus
In response to Mrwillbaclimon

‎11-Aug-2022 12:38

I added some if bypass statements and working very well!

 

Thanks again

equals "TLSv1" ) and (not ([HTTP::uri] contains "tlsWarnRedirected")) and (not([HTTP::header "User-Agent"] contains "customagent"))} {


-Will
0 Kudos
Copyright © 2023 Khoros, LLC