Advisory on http to https redirection

MVP

Jan 15, 2016

Hi Pwint,

it would

[log]

your

[HTTP::host]

and

[HTTP::uri]

and then send a 302 HTTP redirect through a raw TCP:80 connection and then closes the connection. If the received connection is not TCP:80, then it would just

[log]

I saw your other post (the post where you found this snippet). This is an old workaround to suppress the BigIP server header in HTTP responses send by your LTM. But in these days, the

[HTTP::respond]

command has build-in

noserver

option, so that the raw

[TCP::respond]

method wouldn't be required anymore. It will now look like this and can be used for incomming HTTP as well for HTTPS request...

HTTP::respond 302 noserver "Location" "https://[HTTP::host][HTTP::uri]" "Connection" "close"

The usecases of the

[TCP::respond]

and

[SSL::respond]

commands are somewhat comparable. The TCP version will send a raw cleartext TCP response and the SSL version would send a SSL protected but still raw TCP response. Basically the difference is just where the commands would integrate into the OSI-stack...

Cheers, Kai

Forum Discussion

Advisory on http to https redirection

Recent Discussions

Portal Access to HTTPS resources slow

HOW TO HIRE A HACKER TO RECOVER STOLEN BITCOIN. CONTACT FASTFUND RECOVERY

Big-IP Next 20.2.0-2.375.1+0.0.43 iRule count problem

rewrite Azure AD response for portal access via web portal

Azure SAML - F5 APM

Related Content

How To Read An F5 Security Advisory

HTTP To HTTPS Redirect 301

Easter Egg: BIG-IP Advisory Banner

Security Advisory Status

Http redirection