Simple HTTPS redirect

Try this (untested!):

when HTTP_REQUEST {
  if { [HTTP::host] equals "example.mycompany.com" } {
    HTTP::redirect https://example.mycompany.com/login_page 
    }
  }

Thanks for your help.

 

 

Unfortunately, now I seem to hit a URL redirect limit. Looks like a loop exists since the redirect https://example.mycompany.com/login_page contains the first condition to match against example.mycompany.com

 

 

Thankfully this isn't in production yet, so I can make adjustments to the iRules without much concern for taking the environment down.

Yeah, that will cause an infinite loop as each request will have the host example.mycompany.com and it will match the if every time. You'll want to put an additional check in there that you'll guaranteed won't get called consecutively.

I'm assuming that you will want to redirect to the login_page only if there is no uri specified.

BTW, in your first post you were puting the entire "url" in comparison with the "uri". The "uri" is the trailing path behind the hostname starting with a slash

URL = http://example.mycompany.com/login_page

HTTP::host = example.mycompany.com

HTTP::uri = /login_page

This should get you going:

when HTTP_REQUEST {
  if { [HTTP::host] equals "example.mycompany.com" } {
    if { [HTTP::uri] equals "" or [HTTP::uri] equals "/" } {
      HTTP::redirect https://example.mycompany.com/login_page
    }
  }
}

If you don't want to do a full redirect, you can always use the "HTTP::uri" command to change the uri. This won't show up on the client's browser but it will direct them to the login_page (this can allow you to "hide" certain paths that you don't want publicly exposed.)

when HTTP_REQUEST {
  if { [HTTP::host] equals "example.mycompany.com" } {
    if { [HTTP::uri] equals "" or [HTTP::uri] equals "/" } {
      HTTP::uri "/login_page"
    }
  }
}

So now the following requests

https://example.mycompany.com

https://example.mycompany.com/

will get redirected (or forwarded) to

https://example.mycompany.com/login_page

-Joe

As expected, that works perfectly. Thanks so much for your help!

One way to optimize this rule would be to remove the check for the host. If all traffic on the virtual is going through example.mycompany.com, then the first if is overkill. You might say it's just one string compare, but for 1000's of connections it can add up.

when HTTP_REQUEST {
  if { [HTTP::uri] equals "" or [HTTP::uri] equals "/" } {
    HTTP::redirect https://example.mycompany.com/login_page
  }
}

Another alternative to doing two string comparisons would be to do a single string length command and test for a length less than or equal to 1. If there is a uri it is either empty or starting with a slash.

when HTTP_REQUEST {
  if { [ string length [HTTP::uri] ] <= 1 } {
    HTTP::redirect https://example.mycompany.com/login_page
  }
}

If you wanted to dig a little deeper, then you could try using the "string index" command testing for the 3rd character. If it is empty, then you know there is no trailing portion on the uri.

when HTTP_REQUEST {
  if { [ string index [HTTP::uri] 2 ] equals "" } {
    HTTP::redirect https://example.mycompany.com/login_page
  }
}

I'll leave it to unRuleY to check which one is more optimal.

*Note, I haven't tested these so you might want to give each a run through to see which works.

If you are running multiple hosts on this virtual then you might want to leave in the host comparison.

-Joe