I have an issue which is driving me mad.
I have a project which I set up and enabled SSL (By changing the SSL enabled flag to true in the application properties)
Then I changed the project url in the web properties to the SSL Url (Shown in the image above)
And finally, I added a rewrite rule to my web.config:
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
</rules>
</rewrite>
This was all fine. I was able to debug my application while on the new HTTPS url. The problem is now I have to test it back on HTTP, so I reversed my steps.
First I commented out the rewrite rule, then I changed the Project Url back to the normal http url and clicked "Create Virtual Directory".
And finally I changed the "SSL Enabled" to false.
This is where the problem lies. When I press F5, my browser uses the normal URL (The correct http one) but it redirects to a https url. I can't change it because when I do it just redirects.
It is driving me mad because there is no rule (that I can find) that is redirecting it. I even uncommented my rewrite rule and changed it to this:
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="http://{HTTP_HOST}{REQUEST_URI}" />
</rule>
</rules>
</rewrite>
To for it to use the http url, but it will not.
Can someone please help me?!?
In the end, this was pretty straight forward. I commented out the rewrite rule and then in the project properties, just set the override application root url to the http url while keeping the project url as the https version.
Related
I'm having an issue when trying to configure redirections on IIS server. I have a website running in IIS and first of all i'd like to:
redirect all the incoming requests for that site from http->https
redirect all the incoming requests for that site if the URL is for example: https: //abc.org to https ://abc.org/loginpage
I set the first rule as explained here: https://www.ssl.com/how-to/redirect-http-to-https-with-windows-iis-10/
And then set the second rule as explained here: IIS 10 URL redirect from one domain to another
But it's still not working. Tried restarting IIS, restarting app pools, website, clearing browser cache...
Thanks!
You can try to use this URL Rewrite rule:
<rewrite>
<rules>
<rule name="Test" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions>
<add input="{HTTP_X_FORWARDED_PROTO}" pattern="^http$" ignoreCase="false" />
</conditions>
<action type="Redirect" url="https://example.com/loginpage" redirectType="Found" />
</rule>
</rules>
</rewrite>
You need to modify example.com to abc.org.
I am new IIS, but came up in a situation where not all of our clients use ssl on their website but there are a few who does. Hence the problem here is that after enabling redirection, when it redirects to ssl enabled pages, it works well but gives ssl warning on non ssl websites.
I want to add some redirect rules which:
1. Redirects with https on the domains only which I allow.
2. Redirects with http only for the sites not in allowed list.
Any help on this would be greatly appreciated.
Thanks,
Rastu.
As lex says, we could use url rewrite's condition to achieve your requirement.You could put this url rewrite rule insdie the web site.
Notice: Condition's HTTP_HOST should set the domain whcih doesn't enable the SSL.
<rules>
<rule name="HTTP to HTTPS on different SSL Port" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="true" negate="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true">
<add input="{HTTPS}" pattern="off" />
<add input="{HTTP_HOST}" pattern="^www.domainwithoutusingSSL.com$" negate="true"/>
<add input="{HTTP_HOST}" pattern="^www.domainwithoutusingSSL2.com$" negate="true"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="true" />
</rule>
https://my-public-url.com is just a public url and it is pointing to my public ip server (20.23.45.67:443)
my dev url : https://my-Dev-url.local (it points to the web application in ex: 10.99.11.20:1562)
my QA url : https://my-QA-url.local (it points to the web application in ex: 10.99.11.20:2678)
my UAT url: https://my-UAT-url.local (it points to the web application in ex: 10.99.11.20:3456)
When I click on the url https://my-public-url.com/Dev it should redirect to my dev url
When I click on the url https://my-public-url.com/QA it should redirect to my Qa url
When I click on the url https://my-public-url.com/UAT it should redirect to my UAT url
Is it possible to achieve the above requirement using IIS proxy rules, if yes please help me how to do that
Thanks in Advance
According to your description, I suggest you could refer to below rewrite rule.
<rewrite>
<rules>
<rule name="Reverse Proxy to Dev" stopProcessing="true">
<match url="^Dev/(.*)" />
<action type="Rewrite" url="https://my-Dev-url.local/{R:1}" />
</rule>
<rule name="Reverse Proxy to QA" stopProcessing="true">
<match url="^QA/(.*)" />
<action type="Rewrite" url="https://my-QA-url.local/{R:1}" />
</rule>
<rule name="Reverse Proxy to UAT " stopProcessing="true">
<match url="^UAT/(.*)" />
<action type="Rewrite" url="https://my-UAT-url.local/{R:1}" />
</rule>
</rules>
</rewrite>
More details, you could refer to beblow article:
https://learn.microsoft.com/en-us/iis/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing
Finally, this works for me.
<rule name="Rewrite to Dev page">
<match url="^Dev(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^my-public-url.com$" />
</conditions>
<action type="Rewrite" url="http://my-Dev-url.local/{R:1}" />
</rule>`
When I click on https://my-public-url.com/Dev it is redirecting to my local url
I got a copy of an https rewrite rule so that when certain keywords are in the url it automatically redirects to an https: on a specific port.
However, I would also like something that when I want to logout of the secure area and go back to the non ssl site that it's no longer on https. I have been unsucessful in doing this.
Can someone tell me what I need to do?
Here's the https rule I used.
<rewrite>
<rules>
<rule name="Secure Account Controller" enabled="true" stopProcessing="true">
<match url="^account" ignoreCase="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true" >
<add input="{HTTPS}" pattern="off"/>
<add input="{HTTP_HOST}" pattern="([^/:]*?):[^/]*?" />
</conditions>
<action type="Redirect" url="https://{C:1}:44300{URL}"/>
</rule>
</rules>
</rewrite>
** UPDATED **
This seems to have done it.. Not sure why the url in the browswer doesn't revert once it's finished.. but when I click on another page in the site... it's showing http
<rule name="Home Controller" enabled="true" stopProcessing="true">
<match url="^home" ignoreCase="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true" >
<add input="{HTTPS}" pattern="on"/>
<add input="{HTTP_HOST}" pattern="([^/:]*?):[^/]*?" />
</conditions>
<action type="Redirect" url="http://{C:1}:7224{URL}"/>
</rule>
UPDATED ** This seems to have done it.. Not sure why the url in the browser doesn't revert once it's finished.. but when I click on another page in the site... it's showing http
I want to all www domain to naked via IIS Rewrite engine. There are many domains pointing to same application.
Here is my rule :
^(www.)(.*)$
Action Type : Redirect
Redirect URL : {R:2}
Redirect Type : Permanent
When i test pattern for www.xxx.com
R:0 => www.stackoverflow.com R:1=> www. R:2 => www.stackoverflow.com
and that is fine.
What is wrong? And also should I include "http://" ?
Something like ^(www\.)(.+)$ should work when matching the http_host, but it might be better to specify the domain. From what I know of IIS (not much) and what it says on the net, something like:
<rewrite>
<rules>
<rule name="Redirect www.xxx.com to xxx.com" patternSyntax="ECMAScript" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.domain\.com$" />
</conditions>
<action type="Redirect" url="http://domain.com/{R:0}" />
</rule>
</rules>
</rewrite>
Oh, you said for any domain. If you want to make sure it ends in .com it should be something like
^(www\.)(.+)(\.com)$ against HTTP_HOST
.. oh, if you do that you need to back reference, so try something like this:
<rewrite>
<rules>
<rule name="Redirect www.domain.com to domain.com" patternSyntax="ECMAScript" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.(.+)$" />
</conditions>
<action type="Redirect" url="http://{C:1}/{R:0}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
The c:1 is a back reference