Forum Discussion

Nimbostratus

Sep 24, 2009

Best Practice to let server know connection was SSL

After working with the BigIP for several years, I feel silly asking this question, but when one uses SSL acceleration and sends data to the pool members in the clear, how does the backup application k...

Nimbostratus

Jan 20, 2010

I figured I would reply to my own question with my current thinking on how to handle this. I have two profiles: http (default) and https. Both are parent profiles so https is NOT a child of http.

In the https profile, add a header like "X-SSL". In the http profile, remove the header X-SSL just in case some joker adds this header to their request. The https profile enforces that only SSL traffic gets through the https virts so I know if the header X-SSL is present, this had to originated as an SSL transaction.

I hope that helps.

Tom

Forum Discussion

Best Practice to let server know connection was SSL

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

Security Best Practices for BIG-IP & BIG-IQ systems

Managing Kubernetes Traffic With F5 NGINX: A Practical Guide

F5 101 - Practice exams

Manage F5 BIG-IP Advanced WAF Policies with Terraform (Best Practices)

pool members can't connect to another Virtual Server