Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

HTTPS Redirect for a specific URL, URI

I have an iRule that I have written that I think will do what I need it to do but would like someone to confirm this, or tell me what's wrong. (Joe is just an example)

when HTTP_REQUEST {
if {([HTTP::host] equals "www.joe.com" and
([HTTP::uri] equals "/net/myjoe")}
{ HTTP::uri "https://www.joe.com/net/myjoe"
}
}

When a client request "http://www.joe.com/net/myjoe" I need them to be redirected to "https://www.joe.com/net/myjoe".
But if they request any other uri at www.joe.com using http I need that traffic to be passed to the pool.

Will the above iRule work?
1
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Are you applying this iRule on an HTTPS VIP?

It's may be better to simplify it for each.

HTTP VIP:

when HTTP_REQUEST {
    if { [string tolower [HTTP::uri]] starts_with "/contact-us" } {
        HTTP::redirect "https://[HTTP::host][HTTP::uri]"
    }
}

HTTPS VIP:

when HTTP_REQUEST {
    if { not ( [string tolower [HTTP::uri]] starts_with "/contact-us" ) } {
        HTTP::redirect "http://[HTTP::host][HTTP::uri]"
    }
}
1
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
This one will do exactly what you are asking:

when HTTP_REQUEST {
	if { [HTTP::host] equals "www.joe.com" and [HTTP::uri] starts_with "/net/myjoe" } {
		HTTP::redirect "https://www.joe.com/net/myjoe"
	}
}


I find this way to be a little more elegant and flexible.

when HTTP_REQUEST {
	if { [HTTP::host] equals "www.joe.com" and [HTTP::uri] starts_with "/net/myjoe" } {
		HTTP::redirect "https://[HTTP::host][HTTP::uri]"
	}
}


In the first example it will redirect you directly to "https://www.joe.com/net/myjoe", but the second example is a little more robust. Say you accessed the site with "http://www.joe.com/net/myjoe/content/index.html".

The first iRule would redirect you to "https://www.joe.com/net/myjoe" striping the "/content/index.html" off of the URL (this could be bad or confusing to the users).

The second iRule would do the following.

Redirect from HTTP to HTTPS
Detect the [HTTP::host] - "www.joe.com"
Detect the [HTTP::uri] - "/net/myjoe/content/index.html"

Put it all together and redirect the user: "https://www.joe.com/net/myjoe/content/index.html"
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Thanks Michael,

Both of those will work great. I appreciate you taking the time to reply.

Thanks again,

Randy Mays

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

am using the following iRule, it works for https but the else line doesn't take the page back to http. Can anyone assist here? Am I using correct method? I want page to redirect back to http when user move away from /Contact-Us page.

when HTTP_REQUEST { if { [HTTP::host] equals "oaccac-pp.com" and [HTTP::uri] starts_with "/Contact-Us"} {HTTP::redirect "https://[HTTP::host][HTTP::uri]"} else {HTTP::redirect "http//[HTTP::host][HTTP::uri]"} }

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Could this simply be a typo.

else {HTTP::redirect "http//[HTTP::host][HTTP::uri]"} }

should this be:

else {HTTP::redirect "http://[HTTP::host][HTTP::uri]"} }

Rgds

N

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Also, I wonder if the request away from Contact Us is in the same connection then you'd need oneconnect on the VIP. Hope I'm right on this...sure I'll be corrected if not.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Remember that HTTP::redirect will create an HTTP 302 response (Moved Temporarily). If you ever need a permanent redirect for SEO reasons, use HTTP::respond 301 ... instead.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Thank you Kevin, it worked. Now I have one more page /feedback and I tried this code but doesn't work: HTTP VIP: when HTTP_REQUEST { if { [string tolower [HTTP::uri]] starts_with "/contact-us" } {HTTP::redirect "https://[HTTP::host][HTTP::uri]" } elseif { [string tolower [HTTP::uri]] starts_with "/feedback" } { HTTP::redirect "https://[HTTP::host][HTTP::uri]" } }

HTTPS VIP: when HTTP_REQUEST { if { not ( [string tolower [HTTP::uri]] starts_with "/contact-us" ) } {HTTP::redirect "http://[HTTP::host][HTTP::uri]" } elseif { [string tolower [HTTP::uri]] starts_with "/feedback" } { HTTP::redirect "http://[HTTP::host][HTTP::uri]" } } pl. assist.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Try these:

HTTP:

when HTTP_REQUEST { 
    if { ( [string tolower [HTTP::uri]] starts_with "/contact-us" ) or ( [string tolower [HTTP::uri]] starts_with "/feedback" ) } { 
        HTTP::redirect "https://[HTTP::host][HTTP::uri]" 
    } 
}

HTTPS:

when HTTP_REQUEST { 
    if { not ( [string tolower [HTTP::uri]] starts_with "/contact-us" ) or not ( [string tolower [HTTP::uri]] starts_with "/feedback" ) } { 
        HTTP::redirect "http://[HTTP::host][HTTP::uri]" 
    } 
}
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi, Thanks so much for your response. I applied http and https rules you provided on each VS. when I click on /contact-us or /feedback, they are broken now. I tried accessing them directly by using URLs as well over http and https but same result - 404 just for those 2 pages. Anything else I can try?

0
Comments on this Answer
Comment made 16-Sep-2013 by Anthony Graber 117
Kvitol, it may be helpful if you posted your configurations. I think something is missing.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

This setting worked well for both pages. Thank you guys for assisting.

HTTP VIP: when HTTP_REQUEST { if { ( [string tolower [HTTP::uri]] starts_with "/contact-us" ) or ( [string tolower [HTTP::uri]] starts_with "/feedback" ) } { HTTP::redirect "https://[HTTP::host][HTTP::uri]" } }

HTTPS VIP: when HTTP_REQUEST { if { not ( [string tolower [HTTP::uri]] starts_with "/contact-us" ) and not ( [string tolower [HTTP::uri]] starts_with "/feedback" ) } { HTTP::redirect "http://[HTTP::host][HTTP::uri]" } }

0