Redirect or block HTTP traffic

Under most circumstances, a session over unencrypted HTTP should not be accepted. Using Link11 WAAP, admins can refuse HTTP requests by either:

  • Redirecting them to HTTPS

  • Or simply blocking them.

Admins must also choose whether to refuse HTTP traffic:

  • Globally, throughout the entire planet, or

  • Selectively, to certain paths within the planet.

This can all be done with a single Global Filter.

Initial Configuration

Create a Global Filter with these parameters:

  • Name and Description: as desired

  • Active mode: enabled

  • Source: self-managed

  • Tags: as desired, perhaps something descriptive such as http-received

Configuring the Action

The Global Filter's Action setting determines what will happen to the request.

To block the request completely, choose a blocking Action (perhaps the default Global filter block Action).

To redirect the HTTP request to HTTPS, you can select the default https redirect Action (shown below). If you choose to edit this Action or use a different one, ensure that the selected Action has the same Status code, and the same setting for the location header.

Configuring the Rule list

Within the Rule list, select +New Entry. Populate the new entry with:

  • Category set toTag

  • Match set toprotocol:http

  • Whatever Annotation you wish.

At this point, the Global Filter should look something like this:

Configuring the Scope

By following the steps above, you have a Global Filter that will block or redirect HTTP traffic globally, throughout the entire planet.

If this was your goal, skip down to the Saving and Publishing steps below.

If instead you only want to apply this Global Filter to certain paths within the planet, you must create one or more additional entries in the Rule list. Each should have:

  • Category set toPath

  • Match set to a regex describing the path

  • Whatever Annotation you wish.

Create as many entries as necessary to include all the desired paths.

Note that these entries should all be within the same section as the first Tag entry. (If instead you selected +New section, and the entries are now in separate sections, ensure that the relation between them is set to Relation: AND.)

Saving and Publishing

When you have completed the steps above, the Global Filter has been created.

Select Save, and then publish the changes.

PreviousQuickly block an attackerNextRun custom code

Last updated

Was this helpful?