How to configure Content Rules (Examples Included)
- Common Syntax
- Host Examples
- URL Examples
- Content Match on URL/Directory
- Change URL/Directory
- Redirect clients from “/” to “/testpage”
- Replace a Folder or Append Folders
- HTTP/HTTPS Examples
- Redirecting Clients from HTTP to HTTPS
- Change the Host Seen by the Real Server
- Rewrite Server Response from HTTP to HTTPS
- Redirect Content to a Different URL While Keeping the Directory/Path
- Other Examples
Please note that we have published a beta for the content rule builder,
this tool with take the a URL and will output the regex syntax that is needed for a given scenario
this tool can be found here
1. Common Syntax
Note: The LoadMaster can use PCRE engine (https://www.pcre.org/).
If a field begins with / the LoadMaster tries to use regular expression.
If a field does not begin with / then it is a literal match.
Below are a few common examples of regular expression that you can use.
| Start/Stop regex | / |
| Start Selection | ^ |
| End Selection | $ |
| Single Character | . |
| Single Digit | \d |
| Any word character (equal to [a-z A-Z 0-9 _ ]) | \w |
| Wildcard | * |
| Or, for example A|B, A or B | | |
| Capture Groups, for example (ABC)(XYZ)(.*) | () |
| Capture Group 1, that is, present what was captured in the first capture group (ABC) | \1 |
| Capture Group 2, that is, present what was captured in the second capture group (XYZ) | \2 |
| Capture Group 2, that is, present what was captured in the third capture group (.*) | \3 |
2.1 Content Match on Host
Using the following rule to match a host or a domain. For example, match on www.domain.com and send these requests to a specific Real Server or SubVS.
| Rule type | Content Matching |
| Match Type | Regular Expression |
| Header Field | Host |
| Match String | /^www\.domain\.com$/ |
| Ignore Case | enabled |
| Match Field Syntax | |
| Start Regex | / |
| Start Match | ^ |
| Regular text | www |
| Next character is literal | \. |
| Regular text | domain |
| Next character is literal | \. |
| Regular text | com |
| End Match | $ |
| End Regex | / |
2.2 Using Content Switching to Change a Domain/Host
2.2.1 Option 1: Use a "302 redirect"
The logic of this option is as follows:
Client connects to www.domain.com, the LoadMaster sends a 302 redirect to the client and tells the client to connect to the new domain.
This can also be used for redirecting HTTP traffic to HTTPS.
Note: Clients will see the change in their browser.
On the LoadMaster: Go to Virtual Services > View/Modify Services > Modify > Advanced Properties > Not Available Redirection Handling.
Set the Error Code to 302 Found.
Set the Redirect URL to the new domain, for example, http://www.newdomain.com.
For redirecting clients from HTTP to HTTPS:
%h can be substituted for the Host/Domain
%s can be substituted for the URL/Directory/Path
For example, redirecting from:
http://www.newdomain.com/test/index.html
to
https://www.newdomain.com/test/index.html
can also be written as:
http://%h%s
to
https://%h%s
2.2.2 Option 2: Rewrite the URL
The logic of this option is as follows:
Match on the host and replace the current host header with new host details.
Clients will not see the change in the browser.
| Rule type | Replace Header |
| Header | Host |
| Match String | /^www\.domain\.com$/ |
| Replace with | www.newdomain.com |
| Match Field Syntax | |
| Start Regex | / |
| Start Match | ^ |
| Regular text | www |
| Next character is literal | \ |
| Regular text | .domain |
| Next character is literal | \ |
| Regular text | .com |
| End Match | $ |
| End Regex | / |
2.3 Using Content Switching to Change a "domain.com" to "www.domain.com"
Using the following rule to match on domain.com. This causes the request to fail and be redirected to using a 302 redirect to www.domain.com.
| Rule type | Content Matching |
| Header Field | Host |
| Match String | /^www.(.*)/ |
| Negation | Enabled |
| Ignore Case | Enabled |
| Fail On Match | Enabled |
The two options to note are:
- Negation: This is enabled, meaning any request that does not match the pattern is content matched
- Fail On Match: This is enabled which means, if a request is matched, then mark the request as failed. It will not content match to a Real Server, in this case it is triggering a 302 redirect.
| Match Field Syntax | |
| Start Regex | / |
| Start Match | ^ |
| Regular text | www. |
| Start Capture Group 1 | ( |
| Wildcard | .* |
| End Capture Group 1 | ) |
| End Regex | / |
The Not Available Redirection Handling must be enabled for this scenario to work.
Ensure its set to 302 Found and the Redirect URL is https://www.domain.com%s.
3.1 How to Content Match on URL/Directory
Use the following rule to match a URL or a directory. For example, with the URL https://www.domain.com/support/, match on /support and send this request to a SubVS or a Real Server.
| Rule type | Content Matching |
| Match Type | Regular Expression |
| Header Field | <Blank> |
| Match String | /^\/support.*/ |
| Ignore Case | Enabled |
| Match Field Syntax | |
| Start Regex | / |
| Start Match | ^ |
| Next character is literal | \ |
| Regular text | /support |
| Literal character | . |
| Wildcard | * |
| End Regex | / |
3.2 Using Content Switching to Change URL
3.2.1 Option 1: 302 redirects
The logic of this option is as follows:
Client connects to www.domain.com/, the LoadMaster sends a 302 redirect to the client and tells the client to connect to the new URL www.domain.com/newpage.
This can also be used for redirecting HTTP traffic to HTTPS.
Note: Clients see the change in their browser.
On the LoadMaster, go to Virtual Services > View/Modify Services > Modify > Advanced Properties > Not Available Redirection Handling.
Error Code: 302 Found
Redirect URL: http://www.newdomain.com/newpage
For redirecting clients from HTTP to HTTPS:
%h can be substituted for the Host/Domain
For example:
http://www.newdomain.com/
is redirected to:
https://www.newdomain.com/newpage
This can also be written as:
http://%h
to
https://%h/newpage
3.2.2 Option 2: Rewrite the URL
The logic of this option is as follows:
Match on the URL and replace it with a new URL.
For example, redirecting clients from http://www.newdomain.com/test to http://www.newdomain.com/newpage
| Rule type | Modify URL |
| Match String | /^test$/ |
| Modified URL | newpage |
| Match Field Syntax | |
| Start Regex | / |
| Start Match | ^ |
| Regular text | test |
| End Match | $ |
| End Regex | / |
3.3 Redirect Clients from “/” to “/testpage”
The logic of this option is as follows:
Match on the URL / and replace it with a new URL:
www.domain.com/ changed to www.domain.com/testpage/.
For example, redirecting clients from http://www.newdomain.com/ to http://www.newdomain.com/newpage.
| Rule type | Modify URL |
| Match String | /^\/$/ |
| Modified URL | /newpage |
| Match Field Syntax | |
| Start Regex | / |
| Start Match | ^ |
| Next character is literal | \ |
| Regular text | / |
| End Match | $ |
| End Regex | / |
3.4 Replace a Folder or Append Folders
The logic of this option is as follows:
Match on the URL containing the string /myfolder/ but also capture what is before and after it.
Keep what is captured but change /myfolder/, for example, to XXX/myfolder/yyy.
Rewrite the URL as xxx/newfolder/newsubfolder/anotherfolder/yyy.
| Rule Type | Modify URL |
| Match String | /(.*)(\/myfolder\/)(.*)/ |
| Modified URL | \1/newfolder/newsubfolder/anotherfolder/\3 |
| Match String Syntax | |
| Start Regex | / |
| Start Capture Group 1 | ( |
| Wildcard | .* |
| End Capture Group 1 | ) |
| Start Capture Group 2 | ( |
| Next character is literal | \ |
| Regular text | /myfolder |
| Next character is literal | \ |
| Regular text | / |
| End Capture Group 2 | ) |
| Start Capture Group 3 | ( |
| Wildcard | .* |
| End Capture Group 3 | ) |
| End Regex | / |
| Modify URL Syntax | |
| insert Capture Group 1 | \1 |
| Regular text | /newfolder/newsubfolder/anotherfolder/ |
| insert Capture Group 3 | \3 |
4.1 Redirecting Clients from HTTP to HTTPS
The logic of this option is as follows:
Client connects to http://www.domain.com, the LoadMaster sends a 302 redirect to the client and tells the Client to connect to https://www.domain.com.
Note: Clients will see the change in their browser.
On the LoadMaster, go to Virtual Services > View/Modify Services > Modify > Advanced Properties > Not Available Redirection Handling.
Error Code: 302 Found
Redirect URL: https://%h%s
%h can be substituted for the Host/Domain
%s can be substituted for the URL/Directory/Path
For example, redirecting from:
http://www.newdomain.com/test/index.html
to
https://www.newdomain.com/test/index.html
Can also be written as:
http://%h%s
to
https://%h%s
4.2 Change the Host seen by the Real Server
The logic of this option is as follows:
Clients connect to Domain A but the Real Server only responds to requests to Domain B. This rule changes the host name that is sent to the Real Server.
Clients will not see the change in the browser.
| Rule Type | Replace Header |
| Header Field | Host |
| Match String | /^.*/ |
| Value of Header Field to be replaced | newdomain.com |
| Match Field Syntax | |
| Start Regex | / |
| Start Match | ^ |
| Wildcard | .* |
| End Regex | / |
This rule should be applied as a Request Rule.
4.3 Rewrite Server Response
The logic of this option is as follows.
If you have a server returning a redirect on the wrong port or wrong DNS name, this can be resolved using the following rule on the LoadMaster.
Clients connect to Domain A but the Real Server only responds to the request to Domain B. This rule changes the host name that is sent to the Real Server.
Clients will not see the change in the browser unless they checking using debug tools.
Syntax
| Rule Type | Replace Header |
| Header Field | Location |
| Match String | /^.*/ |
| Value of Header Field to be replaced | Https://www.newdomain.com/ |
| Match Field Syntax | |
| Start Regex | / |
| Start Match | ^ |
| Wildcard | .* |
| End Regex | / |
This rule should be applied as a Response Rule.
4.4 Redirect Content to a Different URL While Keeping the Directory/Path
Use this rule if you are looking to change part of the URL but keep the rest. For example:
Clients who connect to Https://domain.com/site/share/ should be redirected to Https://domain.com/external/share/.
| Rule Type | Modify URL |
| Match String | /^site(.*)/ |
| Modified URL | /external\1/ |
| Match Field Syntax | |
| Start Regex | / |
| Start Match | ^ |
| Literal text | site |
| Wildcard- capture everything in () and save it as capture group 1 | (.*) |
| End Regex | / |
| Replace with Syntax | |
| Literal text | /external |
| replace with saved data in capture group 1 | \1 |
| Literal text | / |
5.1 Content Match on Source IP
By using the following rule to match on the source IP address, it can be used to white-list a single IP address or a range of IP addresses.
If you select the Fail On Match option, it behaves as a blacklist.
An example of a rule you can create is shown below.
| Rule Type: | Content Matching |
| Match Type: | Regular Expression |
| Header Field: | src-ip |
| If single address | 192.168.10.10 |
| Match String: | /^192\.168\.10\.10$/ |
| If address range | 192.168.0.0/16 |
| Match String: | /^192\.168\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9][0-9]?)\.(25[0-4]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)$/ |
| Explaining the Match String | /^192\.168\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9][0-9]?)\.(25[0-4]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)$/ |
| Start Regex: | / |
| Start Match: | ^ |
| Match: | 192.168. |
| 192.168.0 – 192.168.255 | |
| 192.168.0.1 – 192.168.255.254 | |
| End Match | $ |
| End Regex | / |
5.2 Content Match on User-Agent String
The logic of this option is as follows:
Match on clients using certain browsers, for example, clients using Internet Explorer 6 or clients using a mobile version of a browser, should be sent to a specific Real Server or a SubVS.
| Rule Type | Content Matching |
| Match Type | Regular Expression |
| Header Field | User-Agent |
| Match String | Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US) |
| Ignore Case | Enabled |
Examples of User-Agent strings can be found here:
http://www.useragentstring.com/pages/useragentstring.php
Note: In this example, the LoadMaster performs a literal match. If a field begins with / the LoadMaster tries to use regular expression. If a field does not begin with / then it is a literal match.
5.3 Change the User-Agent String
The logic of this option is as follows:
Match on clients using certain browsers, or match on all browser types and change the user-agent string so that the Real Server sees that the request was sent by a certain type of browser.
This can be useful for testing webpages, or can be used for troubleshooting mobile client issues.
| Rule Type | Replace Header |
| Header Field | User-Agent |
| Match String | /^.*/ |
| Value of Header Field to be replaced | Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US) |
Examples of User-Agent strings can be found here:
http://www.useragentstring.com/pages/useragentstring.php
5.4 Content Match on a Query
The logic of this option is as follows:
Match on a query string, for example, based on the URL https://www.domain.com/orders/f?p=100, match on the query /f?p=100.
| Rule Type | Content Matching |
| Match Type | Regular Expression |
| Header Field | <Blank> |
| Match String | /\/f\?p=100.*/ |
| Ignore Case | enabled |
| Include Query in URL | enabled |
| Match Field Syntax | |
| Start Regex | / |
| Next character is literal | \ |
| Regular text | /f |
| Next character is literal | \ |
| Regular text | ?p=100 |
| Wildcard | * |
| End Regex | / |
For more details on content switching please see the following document:
Content Rules Feature Description