2.1.1.3. Lab 3 - HTTP to HTTPS Redirect

  1. Create an iRule to redirect all traffic that arrives at an HTTP virtual server to be redirected to the same IP address but using an HTTPS port.
  2. The full original HTTP request should be maintained when re-directing. Example http://my.domain.com/app1/index1.html should redirect to https://my.domain.com/app1/inex.html
  3. Traffic goes to the HTTPS virtual server should still perform the pool selection and should still perform the header stripping from previous labs.

Important

  • Estimated completion time: 20 minutes

  1. Open Chrome Browser

  2. Enter https://bigip1 into the address bar and hit Enter

    ../../_images/bigip_login.png
  3. Login with username: admin

    password: admin.F5demo.com

  4. Click Local Traffic -> iRules -> iRules List

  5. Click Create button

    ../../_images/irule_create.png

  6. Enter Name of HTTP_to_HTTPS_iRule

  7. Enter Your Code

  8. Click Finished

  9. Click Local Traffic -> Virtual Servers -> Virtual Server List

  10. Click on http_irules_vip

    ../../_images/select_vs.png

  11. Click on the Resources tab.

  12. Click Manage button for the iRules section.

    ../../_images/resources.png

  13. Click on HTTP_to_HTTPS_iRule from the Available box and click the << button, thus moving it to the Enabled box, your first, second, and now third iRule’s should be in the Enabled box.

    ../../_images/lab3-irules-add.png

  14. Click the Finished button.

  15. Click Local Traffic -> Virtual Servers -> Virtual Server List.

  16. Click on https_irules_vip

    ../../_images/select_vs_https.png

  17. Click on the Resources tab

  18. Click Manage button for the iRules section

    ../../_images/resources.png

  19. Click on the 2 iRules you require to enable pool selection and Server header removal from the previous labs from the Available box and click the << button, thus moving them to the Enabled box.

    ../../_images/lab3-irules-add-https.png

  20. Enter http://dvwa.f5lab.com/ and ensure you get redirected to the HTTPS virtual server.

  21. Now enter http://wackopicko.f5lab.com/ and ensure you get redirected to the HTTPS virtual server.

  22. Finally, enter http://peruggia.f5lab.com/ ensure you get redirected to the HTTPS virtual server.

    ../../_images/lab3_verify.png

  23. From the previous lab the next two tests should confirm everything is working as before, but using HTTPS.

  24. Look at the headers for each of your requests. Did you log them all? What is the value of the Server header?

    ../../_images/lab2_verify-remove.png

Attention

OPTIONAL: Instead of removing the Server header in the response, change the value of the Server header to Microsoft-IIS/7.0.

../../_images/lab2_verify.png

Hint

Basic Hint if you need a hint here is some example code:

Link to DevCentral: https://clouddocs.f5.com/api/irules/HTTP__redirect.html

If you are really stuck, here is what we are looking for:

  1. When HTTP_Request comes in
  2. Redirect from HTTP to HTTPS
  3. Now you should have enough to understand and the majority of code to create the iRule. If not here is the complete iRule.