Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

URL Redirect Switch not detecting on host for base domain

I am wanting to redirect certain hosts to HTTPS for offload. my iRule is working for hosts within the domain (e.g. www.domain.com) but not for base domain host (e.g. domain.com).

The below iRule is working for www and uat, but not the base domain. Any assistance for what is wrong.

when HTTP_REQUEST { switch [string tolower [HTTP::host]] { "domain.com" { HTTP::respond 301 Location "https://domain.com[HTTP::uri]"} "www.domain.com"; { HTTP::respond 301 Location "https://www.domain.com[HTTP::uri]"} "uat.domain.com" { HTTP::respond 301 Location "https://uat.domain.com[HTTP::uri]"} default {pool default_pool} } }

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I had to remove the ";" after "www.domain.com";, but otherwise your iRule syntax works as expected for me.

You could try using curl to test against the IP address of your VIP to see if you get the desired behavior.

curl -iv -H "Host: domain.com" http://<vip-address>/

If it works, compare against the output of:

curl -iv http://domain.com/

While your iRule syntax isn't wrong, it could be re-written as:

when HTTP_REQUEST {
    switch [string tolower [HTTP::host]] {
        "domain.com" -
        "www.domain.com" -
        "uat.domain.com" {
            HTTP::respond 301 Location "https://[HTTP::host][HTTP::uri]"
        }
        default {
            pool default_pool
        }
    }
}
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Expanding on from DannisJann’s answer, I recommend using getfield around the HTTP::host command to remove any trailing port e.g. curl -iv http://domain.com:80/ should still match in the switch statement.

Also you do not need to use the pool command as you have not overwritten the Virtual Server configured pool earlier in the iRule.

If you have used the pool command in an earlier iRule then you may want to put your pool selection back in but recommend using pool [LB::server pool] instead of the pool by name.

when HTTP_REQUEST {
    switch [string tolower [getfield [HTTP::host] : 1]] {
        "domain.com" -
        "www.domain.com" -
        "uat.domain.com" {
            HTTP::respond 301 Location "https://[HTTP::host][HTTP::uri]"
        }
        default {
            return
        }
    }
}
0
Comments on this Answer
Comment made 4 weeks ago by DennisJann 190

Web browsers should automatically remove ":80" and ":443" from the Host request header for http and https connections, respectively.

Even curl -iv http://domain.com:80/ will result in a Host request header value of "domain.com", at least on curl 7.54.

The test case would need to be curl -iv -H "Host: domain.com:80" http://domain.com/ to force appending the port number.

I've only needed to check for the port number in the Host request header for connections from (Java) web service clients.

0