Maybe someone can help me out.
I have two rules in my web.config, one for pre-render and one for Vue.
I have stacked them like this:
<rules>
<rule name="prerender.io" stopProcessing="true">
<match url="(\.js|\.json|\.css|\.xml|\.less|\.png|\.jpg|\.jpeg|\.gif|\.pdf|\.doc|\.txt|\.ico|\.rss|\.zip|\.mp3|\.rar|\.exe|\.wmv|\.doc|\.avi|\.ppt|\.mpg|\.mpeg|\.tif|\.wav|\.mov|\.psd|\.ai|\.xls|\.mp4|\.m4a|\.swf|\.dat|\.dmg|\.iso|\.flv|\.m4v|\.torrent|\.ttf|\.woff|\.svg)" negate="true" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_USER_AGENT}" pattern="googlebot|bingbot|yandex|baiduspider|facebookexternalhit|twitterbot|rogerbot|linkedinbot|embedly|quora\ link\ preview|showyoubot|outbrain|pinterest\/0\.|pinterestbot|slackbot|vkShare|W3C_Validator|whatsapp" />
<add input="{QUERY_STRING}" pattern="_escaped_fragment_" />
</conditions>
<serverVariables>
<set name="HTTP_X_PRERENDER_TOKEN" value="<removed>" />
</serverVariables>
<action type="Rewrite" url="https://service.prerender.io/https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" logRewrittenUrl="true" />
</rule>
<rule name="Vue" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_URI}" pattern="^/api/.*" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="/" />
</rule>
</rules>
The problem is, when googlebot tries to access my site, most of the time it comes back with a URL Rewrite error 500. If I remove googlebot from the prerender rule, it will stop throwing the rewrite error, which leads me to believe the issue is with that rule, but their support team tell me it's not.
Can anyone see any glaringly obvious issues with my rules? Or know something I am missing?
It turns out this was due to ARR proxy not being turned on.
Because I host on Azure, it had to create a new file called applicationHost.xdt and add this:
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<system.webServer>
<proxy xdt:Transform="InsertIfMissing" enabled="true" preserveHostHeader="false"
reverseRewriteHostInResponseHeaders="false" />
<rewrite>
<allowedServerVariables>
<add name="HTTP_X_PRERENDER_TOKEN" xdt:Transform="InsertIfMissing" />
</allowedServerVariables>
</rewrite>
</system.webServer>
</configuration>
If you use IIS, you can follow this link:
https://learn.microsoft.com/en-us/iis/extensions/configuring-application-request-routing-arr/creating-a-forward-proxy-using-application-request-routing
Related
I've been working on a Laravel project for some time now and unfortunately hit a snag with sending a DELETE request on the production version hosted on Microsoft Azure. I found out the issue was that Azure by default denies DELETE requests to which I was directed to: How do I enable PUT requests in Azure?. However, I've updated the web.config file to the following: (Server PHP version 7.3, 64-bit)
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
<system.webServer>
<handlers>
<remove name="PHP73_via_FastCGI" />
<add name="PHP73_via_FastCGI" path="*.php" verb="GET, PUT, POST, HEAD, OPTIONS, TRACE, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK, DELETE" modules="FastCgiModule" scriptProcessor="D:\Program Files\PHP\v7.3\php-cgi.exe" resourceType="Either" requireAccess="Script" />
</handlers>
<rewrite>
<rules>
<rule name="Imported Rule 1" stopProcessing="true">
<match url="^(.*)/$" ignoreCase="false" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="/{R:1}" />
</rule>
<rule name="Imported Rule 2" stopProcessing="true">
<match url="^" ignoreCase="false" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
</conditions>
<action type="Rewrite" url="index.php" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
I had previously tried to run this accessing D:\Program Files (x86) but unfortunately that hasn't worked either. I've posted the entire web.config because I'm not sure if some of the other settings that have been added conflict with trying to enable the DELETE.
For reference here's the route that is called:
Route::group(['middleware' => ['auth']], function($router) {
Route::post('likes', 'LikesController#store');
Route::delete('likes/{', 'LikesController#remove');
Route::delete('likes/{like}', 'LikesController#remove');
});
The call to LikesController#remove only runs $like->delete(); and then returns the comment without the like that has been deleted.
Method inside of the view component that calls axios:
axios.post('/api/likes', {comment_id: this.comment.id}).then((response) => {
this.comment = response.data;
}
I have this working fine on my local build so I'm unsure of why the issue is persisting beyond the fix that has been provided. If there's anything else that is needed please let me know and I will edit the post.
Window 2016 / IIS 10.
I want to block all requests that are using the servername:portnumber/service and enforce the use of DNS-aliases. Problem at the moment seems to be that when the rule "Allow SOAPUI" matches it does not stop processing and therefore the last one kicks in and blocks SOAPUI
<rule name="Allow SOAPUI" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="dsttst100*" />
<add input="{HTTP_USER_AGENT}" pattern="*SOAPUI*" negate="true" />
</conditions>
<action type="Rewrite" url="http://redirect.to.what" />
</rule>
<rule name="Only allow requests from loadbalancer" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false">
<add input="{REMOTE_ADDR}" pattern="111.22.55.11" negate="true" />
</conditions>
<action type="CustomResponse" statusCode="403" subStatusCode="6" statusReason="Only allowed from IISAR01 (use DNS) or using SOAPUI" statusDescription="Use dns-alias" />
</rule>
While trying do describe my issue I did figure out the solution - at least one possible solution. The reason for the second rule being triggered is that whenever a request with servername:port and SOAPUI user agent was triggered it did not match the first rule...since it was SOAPUI. Solution was to create a second rule with action type none if servername:portnumber AND SOAPUI.
<rule name="Servername - allow SOAPUI" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="dsttst100*" />
<add input="{HTTP_USER_AGENT}" pattern="*SOAPUI*" />
</conditions>
<action type="None" />
</rule>
This will then prevent the last rule to be processed.
I was dealing with CORS issue a couple days ago where I need to support multiple origins. I did some research and found a couple posts pointing me to this great tool (URL Rewrite). I got the solution I wanted following Paco Zarate tip here: Access-control-allow-origin with multiple domains using URL Rewrite. I also found another post here: http://www.carlosag.net/articles/enable-cors-access-control-allow-origin.cshtml showing me how to achieve the same solution with a different method of configuration within URL Rewrite.
Paco Zarate solution works like a charm. Why am I still asking question? It's just for learning purposes. And also I think the second post configuration yields a more elegant list of origins/domains I want to white-listed. For ease of maintainability I can just go to the Rewrite Maps and see all of my AllowedOrigins.
When attempted the second post's solution, I got this message: ERR_CONNECTION_RESET under Console tab of the browser debugger tool. And the request header under Network tab says "Provisional headers are shown"
Many thanks in advance.
My config file:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpErrors errorMode="Detailed" />
<urlCompression doStaticCompression="true" doDynamicCompression="true" />
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Headers" value="Origin, Content-Type, Accept" />
<add name="Access-Control-Request-Method" value="POST" />
<add name="Access-Control-Allow-Credentials" value="true" />
<add name="Access-Control-Allow-Origin" value="http://localhost:8080" />
</customHeaders>
</httpProtocol>
<rewrite>
<rules>
<rule name="Capture Origin Header">
<match url=".*" />
<conditions>
<add input="{HTTP_ORIGIN}" pattern=".+" />
</conditions>
<serverVariables>
<set name="CAPTURED_ORIGIN" value="{C:0}" />
</serverVariables>
<action type="None" />
</rule>
<rule name="Preflight Options" enabled="false" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{REQUEST_METHOD}" pattern="^OPTIONS$" />
</conditions>
<action type="CustomResponse" statusCode="200" statusReason="Preflight" statusDescription="Preflight" />
</rule>
</rules>
<rewriteMaps>
<rewriteMap name="AllowedOrigins">
<add key="http://somedomain:8080" value="http://localhost:8080" />
</rewriteMap>
</rewriteMaps>
<outboundRules>
<rule name="Set-Access-Control-Allow-Origin for known origins">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern=".+" negate="true" />
<conditions>
<add input="{AllowedOrigins:{CAPTURED_ORIGIN}}" pattern=".+" />
</conditions>
<action type="Rewrite" value="{C:0}" />
</rule>
</outboundRules>
</rewrite>
<tracing>
<traceFailedRequests>
<add path="*">
<traceAreas>
<add provider="WWW Server" areas="Rewrite" verbosity="Verbose" />
</traceAreas>
<failureDefinitions timeTaken="00:00:00" statusCodes="500" verbosity="Error" />
</add>
</traceFailedRequests>
</tracing>
</system.webServer>
I had a lot of issues trying to use URL Rewrite module to enable CORS, after a lot of troubleshooting I found that for IIS 7.5+ you can use IIS CORS Module: https://www.iis.net/downloads/microsoft/iis-cors-module
Your web.config should be something like this:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<cors enabled="true" failUnlistedOrigins="true">
<add origin="http://localhost:8080" allowCredentials="true">
<allowMethods>
<add method="POST" />
</allowMethods>
</add>
</cors>
</system.webServer>
</configuration>
You can find the configuration reference in here: https://learn.microsoft.com/en-us/iis/extensions/cors-module/cors-module-configuration-reference
I'm trying to create an IIS redirect from
domain.com/abcd
to
domain.com/mypage.aspx/abcd
abcd can be any set of characters or numbers (abcd, ab, ab4c, etc..)
mypage.aspx will always be mypage.aspx
I find many ways of doing this backwards but for some reason I can't get this to work. Any suggestion?
Thanks,
I don't understand why this question has been unanswered for so long as it's quite simple to do:
<rewrite>
<rules>
<rule name="Redirect to mypage.aspx" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="domain\.com$" />
<add input="{REQUEST_URI}" pattern="^/mypage\.aspx/" negate="true"/>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/mypage.aspx/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
Hope this helps.
EDIT: Made it dynamic, also added exception for existing files / directories, otherwise static content would not work anymore.
My site is asp.net.
I have a wordpress blog in the blog folder and everything works great.
My main web.config has a working rule that forces https on everything.
I have successfully added a rule in the web.config in the blog folder not to redirect to https.
My problem is that I want to exclude the wp-content/uploads/* folder from that rule.
i.e. I want the images in the upload folder to be allowed to load on https too.
(My reason is that I refer to them in my main site and the way it is, I get security messages that I have insecure content on my https pages)
My code is:
<rule name="Remove https" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_URI}" pattern="^wp-content/uploads/.*" negate="true" />
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/blog/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
What am I doing wrong?
Thanks
Your code in problem dear plz try below code can this help you.
Something Wrong in your pattern of "^wp-content/uploads/.*" you try below code can this help you.
<rule name="Remove https" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_URI}" pattern="^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*)" negate="true" />
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/blog/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>