HTTP::respond over SSL

Do you have an HTTP profile applied to the VIP? Do you have a client SSL profile applied to the VIP?

Yes, sorry I forgot to mention that. Yes to both. If I make a request that doesn't trigger the iRule the response comes back fine.

The iRule should always being triggered for HTTP requests. Try adding some logging.

when HTTP_REQUEST {
    log local0. "here: [HTTP::method]"

    set allowed {PUT POST GET DELETE}
    if { [lsearch $allowed [HTTP::method]] < 0 } {
        log local0. "HTTP [HTTP::method] REJECTED!"
        HTTP::respond 405 content "Method not allowed"
    }
}

Do you have you aren't showing us AFTER the HTTP::respond? Try adding in return immediately after HTTP::respond and see if that fixes things.

@Kevin - sorry, by "trigger" I meant a request that enters the

if

@IheartF5 - I don't follow why return would help in this case.

Have you checked the LTM log (/var/log/ltm)? If there's an issue with the iRule logic, it'll usually log an error.

Took another look in there. Turns out adding my rule above was causing an

HTTP::header insert

Rather than setting a variable with every request why not use a data group containing your allowed verbs with something like this?

when HTTP_REQUEST {
    if { not ([class match [HTTP::method] equals allowed_verbs]) } {
        HTTP::respond 405 noserver
    }
}

Rather than setting a variable with every request why not use a data group containing your allowed verbs with something like this?

when HTTP_REQUEST {
    if { not ([class match [HTTP::method] equals allowed_verbs]) } {
        HTTP::respond 405 noserver
    }
}