CirrusHello @ll
I have a 2 vips http and https there is standard redirection from http to https and its working ...
BUT i need to change this a bit and here is my question :
Is it possible to have users coming from URL : abcwebsite.com going to HTTP VIP will not be redirected to HTTPS vip , but when users are coming from URL : abcwebsite.new.com will be redirected to HTTPS vip ?
Cirruslittle update additional url: - abcwebsite.com going to HTTP VIP will not be redirected to HTTPS vip - (with special sign) äbcwebsite.com going to HTTP VIP will not be redirected to HTTPS vip So there will be 2 www with no redirection to https .
Cirrusi found something like that but can someone help me with this and confirm it is ok or correct it please ? 🙂
when HTTP_REQUEST {
switch [string tolower [HTTP::host]] {
"abcwebsite.com" {
HTTP::respond 301 Location "http://abcwebsite.com[HTTP::uri]"
}
"äbcwebsite.com" {
HTTP::respond 301 Location "http://äbcwebsite.com[HTTP::uri]"
}
"abcwebsite.new.com" {
HTTP::respond 301 Location "https://abcwebsite.new.com[HTTP::uri]"
}
}
}
2nd one ******************************************
when HTTP_REQUEST {
if { [string tolower [HTTP::host]] equals "abcwebsite.com" } {
HTTP::respond 301 Location "http://abcwebsite.com[HTTP::uri]"
} elseif { [string tolower [HTTP::host]] equals "äbcwebsite.com" } {
HTTP::respond 301 Location "http://äbcwebsite.com[HTTP::uri]"
} else {
HTTP::redirect https://[HTTP::host][HTTP::uri]"
}
}
NimbostratusThere are a couple of issues with your example iRule, so let's have a look at it:
when HTTP_REQUEST {
switch [string tolower [HTTP::host]] {
"abcwebsite.com" {
HTTP::respond 301 Location "http://abcwebsite.com[HTTP::uri]"
}
"äbcwebsite.com" {
HTTP::respond 301 Location "http://äbcwebsite.com[HTTP::uri]"
}
"abcwebsite.new.com" {
HTTP::respond 301 Location "https://abcwebsite.new.com[HTTP::uri]"
}
}
}
The first case, abcwebsite.com will create an infinite redirect loop, since when you redirect to abcwebsite.com[HTTP::uri] you will match that again and redirect again, and again and...
To solve this you simple don't redirect at all. The idea is that if HTTP:host returns abcwebsite.com that traffic should be sent through to the servers, right? So it would look like this:
"abcwebsite.com" {
pool abcwebsite.com_pool
}
Or whatever your pool might be named for the application.
The second case, with äbcwebsite.com, this is actually not what the BIG-IP will see. Unless something has changed since last I looked at this, those characters aren't actually "allowed" so while you can register a name with special characters, the browser will encode those characters according to a specific method, and that's what will be sent in the host header. So the name will have to be encoded with an IDN converter and then you'll get this: xn--bcwebsite-u2a.com. Again, the example would create an infinite redirect loop so just send that to a pool as well.
The third one though is perfectly fine.
So that gives us something like this:
when HTTP_REQUEST {
switch [string tolower [HTTP::host]] {
"abcwebsite.com" {
pool abcwebsite.com_pool
}
"xn--bcwebsite-u2a.com" {
pool aumlbcwebsite.com_pool
}
"abcwebsite.new.com" {
HTTP::respond 301 Location "https://abcwebsite.new.com[HTTP::uri]"
}
}
}
The correct pool names has to be inserted of course.
CirrostratusHello slesh,
You can resolve this by configuring :
1) A VS vip_abcwebsite.new.com_https listening on port 443
2) A VS vip_abcwebsite.com_http listening on port 80 with the irule that redirects traffic from http to https for abcwebsite.new.com and do nothing (accept traffic) for abcwebsite.com
when HTTP_REQUEST {
if { [string tolower [HTTP::host]] equals "abcwebsite.new.com" } {
HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
} elseif { [string tolower [HTTP::host]] equals "abcwebsite.com" } {
do nothing
} else {
reject the traffic if using other hostname (optional)
reject
}
}
In this manner all traffic going to abcwebsite.new.com will be in https and all traffic going to abcwebsite.com will be in http...
Hope that it helps
regards