Forum Discussion

Xcapee_249099's avatar
Icon for Nimbostratus rankNimbostratus
Feb 17, 2016

reverse proxy mapping of server with strict header checking

We are trying to map a number of separately developed apps onto the same domain with each app in a subdomain, so users can request and get directed to the correct app.

Apps we developed are in pools in our own hosting and working fine. We also need to map one app developed by a third party and hosted externally (

We have the ip address of this third party app in a pool and the traffic is flowing correctly but some browsers set headers which cause resource requests that follow the initial connection to receive a 403 FORBIDDEN response.

Unfortunately I don't have access to the Big-IP - it's a managed service, so writing and debugging iRules is a slow process.

What I need help with... Does this iRule effectively substitute headers in the outgoing request? I know the replace works, but how do I know these are the headers going over to the other end (I have no access to F5 or to 3rd party server).

        set uri [HTTP::uri]
        set httpver [HTTP::version]
        set headers [HTTP::header names]
        array unset request
        array set request {uri $uri}
        foreach header $headers {
          regsub -all {} [HTTP::header $header] newheadervalue
          set request($header) $newheadervalue
    set ENCRYPT 1;pool POOL-thirdparty-443-external;snat [IP::local_addr] 

I know the regsub is replacing the headers correctly. Where I am losing confidence is that I can't see the request headers of the outbound connection to the third party server.

Do I need to write the headers back into HTTP::header or does "set request" do that for the outbound request - i.e. is request a special object on the F5 that automatically sets the server side https request?

Thanks for your help

No RepliesBe the first to reply