One of my biggest annoyances of NetScaler admins is when people use down vServers to do redirects. The reason that it bothers me is because it permanently marks the service as down (read: RED status) which inevitably always leads to questions as to why it was configured with something marked down. There is a better way to perform HTTP to HTTPS redirects on netScaler. The general idea is we create a responder action and policy and then a dummy monitor and service within the Load Balancing tab. Then we create a LB vServer on port 80 with the same IP address as the HTTPS site that we want redirect HTTP requests to and bind the policy and service to it.
- Click on the Responder tab and click on the actions menu
- Click Add to create a new responder policy and give it an appropriate name
- In the type list select REDIRECT and within the target field type the following: “https://” + HTTP.REQ.HOSTNAME.HTTP_URL_SAFE + HTTP.REQ.URL.PATH_AND_QUERY.HTTP_URL_SAFE
- By default the Bypass safety check should be unticked but just check it and make sure it is unticked then click the CREATE button.
- Click on responder policy and click CREATE.
- Name the policy something appropriate and from the Action dropbox select the responder action you have just created.
- Within the Undefined action list select reset.
- Within the expression box type HTTP.REQ.IS_VALID.