Change all HTTP requests to SSL/HTTPS on a Netscaler
I recently received a request to catch all requests on HTTP and redirect the user to the exact same URL that was requested but over SSL (HTTPS) instead. You can do this using a Responder Policy.
Basically the action to redirect over SSL will be:
"HTTP/1.1 301 Moved Permanently\r\n" + "Location: https://" + HTTP.REQ.HOSTNAME + HTTP.REQ.URL.PATH + "\r\n"
Make sure to Bypass the Safety check or it will give you an Input Expression is unsafe error. Don’t worry, this is just a warning message. The Netscaler tries to resolve URLs to make sure they respond when you write an expression. In this case we are telling it to catch any URL. So since it can’t validate something general like this, it throws the expression error. Make sure to bypass the safety check to get around this.
The responder policy that calls the action by looking for non-SSL connections should be:
!CLIENT.SSL.IS_SSL
You will notice I specified a 301 redirect in my action because I want to make sure any search engine spiders index my site URL as “https://www.mywebsite.com” and not as “http://www.mywebsite.com” for SEO purposes.
You may or may not want to bind the policy globally. I only apply responder policies to vservers that need them just to be cautious.
