Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

How to configure Content Rules (Examples Included)

    1. Common Syntax
    2. Host Examples
      1. Content Match on Host
      2. Change Domain/Host
      3. Change "domain.com" to "www.domain.com"
    3. URL Examples
      1. Content Match on URL/Directory
      2. Change URL/Directory
      3. Redirect clients from “/” to “/testpage”
      4. Replace a Folder or Append Folders
    4. HTTP/HTTPS Examples
      1. Redirecting Clients from HTTP to HTTPS
      2. Change the Host Seen by the Real Server
      3. Rewrite Server Response from HTTP to HTTPS
      4. Redirect Content to a Different URL While Keeping the Directory/Path
    5. Other Examples
      1. Content Match on Source IP
      2. Content Match on User-Agent String
      3. Change the User-Agent String
      4. Content Match on a Query

Please note that we have published a beta for the content rule builder,

this tool with take the a URL and will output the regex syntax that is needed for a given scenario

this tool can be found here

1. Common Syntax

Note: The LoadMaster can use PCRE engine (https://www.pcre.org/).
If a field begins with the LoadMaster tries to use regular expression.
If a field does not begin with / then it is a literal match.

Below are a few common examples of regular expression that you can use.

Start/Stop regex /
Start Selection ^
End Selection $
Single Character .
Single Digit \d
Any word character (equal to [a-z A-Z 0-9 _ ]) \w
Wildcard *
Or, for example A|B, A or B |
Capture Groups, for example (ABC)(XYZ)(.*) ()
Capture Group 1, that is, present what was captured in the first capture group (ABC) \1
Capture Group 2, that is, present what was captured in the second capture group (XYZ) \2
Capture Group 2, that is, present what was captured in the third capture group (.*) \3
 

 2.1 Content Match on Host

Using the following rule to match a host or a domain. For example, match on www.domain.com and send these requests to a specific Real Server or SubVS.

Rule type Content Matching
Match Type Regular Expression
Header Field Host
Match String /^www\.domain\.com$/
Ignore Case enabled

 

Match Field Syntax
Start Regex  /
Start Match ^
Regular text www
Next character is literal \.
Regular text domain
Next character is literal \.
Regular text          com
End Match $
End Regex /
 

 

2.2 Using Content Switching to Change a Domain/Host

2.2.1 Option 1: Use a "302 redirect"

The logic of this option is as follows:
Client connects to www.domain.com, the LoadMaster sends a 302 redirect to the client and tells the client to connect to the new domain.
This can also be used for redirecting HTTP traffic to HTTPS.

Note: Clients will see the change in their browser.

On the LoadMaster: Go to Virtual Services > View/Modify Services > Modify > Advanced Properties > Not Available Redirection Handling.

302-Redirect.png

Set the Error Code to 302 Found.

Set the Redirect URL to the new domain, for example, http://www.newdomain.com.


For redirecting clients from HTTP to HTTPS:

%h
can be substituted for the Host/Domain                
%s can be substituted for the URL/Directory/Path

For example, redirecting from:
http://www.newdomain.com/test/index.html
to
https://www.newdomain.com/test/index.html

can also be written as:

http://%h%s
to
https://%h%s

 

2.2.2 Option 2: Rewrite the URL

The logic of this option is as follows:
Match on the host and replace the current host header with new host details.
Clients will not see the change in the browser.

 

Rule type Replace Header
Header Host
Match String /^www\.domain\.com$/
Replace with www.newdomain.com

 

Match Field Syntax
Start Regex  /
Start Match ^
Regular text www
Next character is literal \
Regular text .domain
Next character is literal   \
Regular text .com
End Match $
End Regex   /
 

 

2.3 Using Content Switching to Change a "domain.com" to "www.domain.com"

Using the following rule to match on domain.com. This causes the request to fail and be redirected to using a 302 redirect to www.domain.com.

Rule type Content Matching
Header Field Host
Match String /^www.(.*)/
Negation Enabled
Ignore Case Enabled
Fail On Match Enabled

The two options to note are:

  • Negation: This is enabled, meaning any request that does not match the pattern is content matched
  • Fail On Match: This is enabled which means, if a request is matched, then mark the request as failed. It will not content match to a Real Server, in this case it is triggering a 302 redirect.
Match Field Syntax
Start Regex  /
Start Match ^
Regular text www.
Start Capture Group 1 (
Wildcard  .*
End Capture Group 1 )
End Regex   /

 

302-Redirect2.png

The Not Available Redirection Handling must be enabled for this scenario to work.

Ensure its set to 302 Found and the Redirect URL is https://www.domain.com%s.

 

 

3.1 How to Content Match on URL/Directory

Use the following rule to match a URL or a directory. For example, with the URL https://www.domain.com/support/, match on /support and send this request to a SubVS or a Real Server.

Rule type Content Matching
Match Type Regular Expression
Header Field <Blank>
Match String /^\/support.*/
Ignore Case Enabled

 

Match Field Syntax
Start Regex  /
Start Match ^
Next character is literal \
Regular text /support
Literal character .
Wildcard         *
End Regex /
 

 3.2 Using Content Switching to Change URL

3.2.1 Option 1: 302 redirects

The logic of this option is as follows:
Client connects to www.domain.com/, the LoadMaster sends a 302 redirect to the client and tells the client to connect to the new URL www.domain.com/newpage.
This can also be used for redirecting HTTP traffic to HTTPS.

Note: Clients see the change in their browser.

On the LoadMaster, go to Virtual Services > View/Modify Services > Modify > Advanced Properties > Not Available Redirection Handling.


302_Orig2.png


Error Code: 302 Found
Redirect URL: http://www.newdomain.com/newpage

For redirecting clients from HTTP to HTTPS:
%h can be substituted for the Host/Domain                

For example:
http://www.newdomain.com/
is redirected to:
https://www.newdomain.com/newpage

 

This can also be written as: 

http://%h
to
https://%h/newpage


             
3.2.2 Option 2: Rewrite the URL

The logic of this option is as follows:
Match on the URL and replace it with a new URL.

For example, redirecting clients from http://www.newdomain.com/test to http://www.newdomain.com/newpage

Rule type Modify URL
   
Match String /^test$/
Modified URL newpage

 

Match Field Syntax
Start Regex  /
Start Match ^
Regular text test
End Match $
End Regex   /

 

 

3.3 Redirect Clients from “/” to “/testpage”

The logic of this option is as follows:
Match on the URL / and replace it with a new URL:
www.domain.com/ changed to www.domain.com/testpage/.

For example, redirecting clients from http://www.newdomain.com/ to http://www.newdomain.com/newpage.

Rule type Modify URL
Match String  /^\/$/
Modified URL  /newpage

 

Match Field Syntax
Start Regex  /
Start Match ^
Next character is literal \
Regular text /
End Match $
End Regex /
 

3.4 Replace a Folder or Append Folders

The logic of this option is as follows:
Match on the URL containing the string /myfolder/ but also capture what is before and after it.
Keep what is captured but change /myfolder/, for example, to XXX/myfolder/yyy.
Rewrite the URL as xxx/newfolder/newsubfolder/anotherfolder/yyy.

Rule Type Modify URL
Match String /(.*)(\/myfolder\/)(.*)/
Modified URL  \1/newfolder/newsubfolder/anotherfolder/\3

 

Match String Syntax
Start Regex  /
Start Capture Group 1 (
Wildcard .*
End Capture Group 1 )
Start Capture Group 2 (
Next character is literal \
Regular text /myfolder
Next character is literal \
Regular text /
End Capture Group 2 )
Start Capture Group 3 (
Wildcard .*
End Capture Group 3 )
End Regex   /

 

Modify URL Syntax
insert Capture Group 1 \1
Regular text /newfolder/newsubfolder/anotherfolder/
insert Capture Group 3 \3

 

 

4.1 Redirecting Clients from HTTP to HTTPS

The logic of this option is as follows:
Client connects to http://www.domain.com, the LoadMaster sends a 302 redirect to the client and tells the Client to connect to https://www.domain.com.

Note: Clients will see the change in their browser.

On the LoadMaster, go to Virtual Services > View/Modify Services > Modify > Advanced Properties > Not Available Redirection Handling.
Error Code: 302 Found
Redirect URL: https://%h%s


302_Orig3.png


%h can be substituted for the Host/Domain                
%s can be substituted for the URL/Directory/Path

For example, redirecting from:
http://www.newdomain.com/test/index.html
to
https://www.newdomain.com/test/index.html

Can also be written as:

http://%h%s
to
https://%h%s 

 

  

4.2 Change the Host seen by the Real Server

The logic of this option is as follows:
Clients connect to Domain A but the Real Server only responds to requests to Domain B. This rule changes the host name that is sent to the Real Server.

Clients will not see the change in the browser.

Rule Type Replace Header
Header Field Host
Match String /^.*/
Value of Header Field to be replaced newdomain.com

 

Match Field Syntax
Start Regex  /
Start Match ^
Wildcard .*
End Regex /

 

Request_Response.png
This rule should be applied as a Request Rule.

 

 4.3 Rewrite Server Response

The logic of this option is as follows.

If you have a server returning a redirect on the wrong port or wrong DNS name, this can be resolved using the following rule on the LoadMaster.

Clients connect to Domain A but the Real Server only responds to the request to Domain B. This rule changes the host name that is sent to the Real Server.

Clients will not see the change in the browser unless they checking using debug tools.

Syntax

Rule Type Replace Header
Header Field Location
Match String /^.*/
Value of Header Field to be replaced Https://www.newdomain.com/

 

Match Field Syntax
Start Regex  /
Start Match ^
Wildcard .*
End Regex /


Request_Response.png
This rule should be applied as a Response Rule.

 

 4.4 Redirect Content to a Different URL While Keeping the Directory/Path

Use this rule if you are looking to change part of the URL but keep the rest. For example:
Clients who connect to Https://domain.com/site/share/ should be redirected to 
Https://domain.com/external/share/.

Rule Type Modify URL
Match String /^site(.*)/
Modified URL /external\1/

 

Match Field Syntax
Start Regex  /
Start Match ^
Literal text site
Wildcard- capture everything in () and save it as capture group 1  (.*)
End Regex /

 

Replace with Syntax
Literal text /external
replace with saved data in capture group 1 \1
Literal text /

 

 

5.1 Content Match on Source IP
By using the following rule to match on the source IP address, it can be used to white-list a single IP address or a range of IP addresses.
If you select the Fail On Match option, it behaves as a blacklist.

An example of a rule you can create is shown below.

Rule Type: Content Matching
Match Type:  Regular Expression
Header Field: src-ip
If single address 192.168.10.10
Match String: /^192\.168\.10\.10$/
If address range   192.168.0.0/16
Match String: /^192\.168\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9][0-9]?)\.(25[0-4]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)$/

 

Explaining the Match String /^192\.168\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9][0-9]?)\.(25[0-4]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)$/
Start Regex: /
Start Match: ^
Match:   192.168. 
192.168.0 – 192.168.255
192.168.0.1 – 192.168.255.254
End Match $
End Regex /
 

 5.2 Content Match on User-Agent String

The logic of this option is as follows:
Match on clients using certain browsers, for example, clients using Internet Explorer 6 or clients using a mobile version of a browser, should be sent to a specific Real Server or a SubVS. 

Rule Type Content Matching
Match Type Regular Expression
Header Field User-Agent
Match String Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US)
Ignore Case Enabled

Examples of User-Agent strings can be found here:
http://www.useragentstring.com/pages/useragentstring.php


Note: In this example, the LoadMaster performs a literal match. If a field begins with / the LoadMaster tries to use regular expression. If a field does not begin with / then it is a literal match.

 

 5.3 Change the User-Agent String

The logic of this option is as follows:
Match on clients using certain browsers, or match on all browser types and change the user-agent string so that the Real Server sees that the request was sent by a certain type of browser.

This can be useful for testing webpages, or can be used for troubleshooting mobile client issues.

Rule Type Replace Header
Header Field User-Agent
Match String /^.*/
Value of Header Field to be replaced Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US)

Examples of User-Agent strings can be found here:
http://www.useragentstring.com/pages/useragentstring.php


 

 5.4 Content Match on a Query

The logic of this option is as follows:
Match on a query string, for example, based on the URL https://www.domain.com/orders/f?p=100, match on the query /f?p=100.

Rule Type Content Matching
Match Type Regular Expression
Header Field <Blank>
Match String /\/f\?p=100.*/
Ignore Case enabled
Include Query in URL enabled

 

Match Field Syntax
Start Regex  /
Next character is literal \
Regular text /f
Next character is literal \
Regular text ?p=100
Wildcard         *
End Regex /


 

 

 

 

 

 

 

For more details on content switching please see the following document:

Content Rules Feature Description


Was this article helpful?
4 out of 4 found this helpful

Comments