IIS ARR Reverse Proxy Disk Cache - caching

I want to setup disk cache for reverse proxy responses for forwarded requests. I expect all requests to http://localhost:88/ to be forwarded to https://stackoverflow.com/ (as an example) with following rewrite rule:
<rule name="ReverseProxy1" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="https://stackoverflow.com/{R:1}" />
</rule>
Which works perfectly fine.
And I want all responses from https://stackoverflow.com/ to be cached on disk. I have following setup in applicationHost.config:
<diskCache scavengerInterval="00:05:00">
<driveLocation path="C:\inetpub\temp\cache" maxUsage="0" />
<compression enabled="true">
<add mimeType="text/*" enabled="true" />
<add mimeType="message/*" enabled="true" />
<add mimeType="application/x-javascript" enabled="true" />
<add mimeType="application/javascript" enabled="true" />
</compression>
<sharedDriveLocation path="" />
</diskCache>
<proxy enabled="true" httpVersion="PassThrough" reverseRewriteHostInResponseHeaders="true">
<cache requestConsolidationEnabled="true" queryStringHandling="Accept" validationInterval="00:01:00" />
</proxy>
<rewrite>
<globalRules>
<rule name="ARR_CacheControl_b17f5877-33f6-4bed-be49-f3c07a38cfef" enabled="true" patternSyntax="Wildcard">
<match url="*" />
<serverVariables>
<set name="ARR_CACHE_CONTROL_OVERRIDE" value="1,max-age=1800" />
</serverVariables>
<conditions>
<add input="{HTTP_HOST}" pattern="stackoverflow.com" />
</conditions>
</rule>
</globalRules>
</rewrite>
Unfortunately disk cache is never hit. I can tell it by examining IIS Log with X-ARR-CACHE-HIT=0 entries. And cache folder is always empty. The folder was created by IIS manager UI and I provided access rights to Application Pool identity to this folder, so I assume that the problem is not in access rights to cache folder.
Did I miss anything? Looking for a solution in internet didn't give me any results so any input is very appreciated.

I found out that the problem was that the Vary response header is present in SO response. And based on the reply on IIS forums ARR doesn't support caching when there is a Vary header in response.

Related

web.config Redirect rule not working in IE and FireFox

I have two domains baddomain.com and gooddomain.com which are pointing to the same hosting service. I have bought SSl certificate and now I want to redirect Bad one to the good one which has SSL installed. I wrote these rules and it works on Chrome but not in IE and firefox. Bad domain redirects to https instead of redirecting to good domain. Thanks.
<!--Redirect from bad domain to good one-->
<rule name="BadtoGood" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="baddomain.com" />
</conditions>
<action type="Redirect" url="https://gooddomain.com/{R:0}" redirectType="Permanent" />
</rule>
<!--Force https on good domain -->
<rule name="forceHTTPS" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" negate="false" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="off" />
<add input="{HTTP_HOST}" pattern="localhost" negate="true" />
</conditions>
<action type="Redirect" url="https://gooddomain.com/{R:0}" redirectType="Permanent" />
</rule>
The reason was that I had enabled force https through the website control panel and it was overriding the downstream settings in web.config.
In my case this was the path:
Plesk for windows > Websites and domains > Hosting setting

404 Error for HTTP to HTTPS Redirect Rule

I'm getting the below error for our root domain and all subsites when they are typed in the format http://domain.co.uk or https://domain.co.uk
HTTP Error 404. The requested resource is not found.
We're running Windows Server 2012R2 and I'm editing the web.config file, rather than using IIS.
I've got the below redirect in place, but obviously it isn't doing what I'd like it to do.
<rule name="Force WWW and SSL" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^[^www]" />
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://www.domain.co.uk/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
I'd appreciate it if someone could let me know where I'm going wrong.

Configure URL Rewrite using server variable to support multiple origins

I was dealing with CORS issue a couple days ago where I need to support multiple origins. I did some research and found a couple posts pointing me to this great tool (URL Rewrite). I got the solution I wanted following Paco Zarate tip here: Access-control-allow-origin with multiple domains using URL Rewrite. I also found another post here: http://www.carlosag.net/articles/enable-cors-access-control-allow-origin.cshtml showing me how to achieve the same solution with a different method of configuration within URL Rewrite.
Paco Zarate solution works like a charm. Why am I still asking question? It's just for learning purposes. And also I think the second post configuration yields a more elegant list of origins/domains I want to white-listed. For ease of maintainability I can just go to the Rewrite Maps and see all of my AllowedOrigins.
When attempted the second post's solution, I got this message: ERR_CONNECTION_RESET under Console tab of the browser debugger tool. And the request header under Network tab says "Provisional headers are shown"
Many thanks in advance.
My config file:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpErrors errorMode="Detailed" />
<urlCompression doStaticCompression="true" doDynamicCompression="true" />
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Headers" value="Origin, Content-Type, Accept" />
<add name="Access-Control-Request-Method" value="POST" />
<add name="Access-Control-Allow-Credentials" value="true" />
<add name="Access-Control-Allow-Origin" value="http://localhost:8080" />
</customHeaders>
</httpProtocol>
<rewrite>
<rules>
<rule name="Capture Origin Header">
<match url=".*" />
<conditions>
<add input="{HTTP_ORIGIN}" pattern=".+" />
</conditions>
<serverVariables>
<set name="CAPTURED_ORIGIN" value="{C:0}" />
</serverVariables>
<action type="None" />
</rule>
<rule name="Preflight Options" enabled="false" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{REQUEST_METHOD}" pattern="^OPTIONS$" />
</conditions>
<action type="CustomResponse" statusCode="200" statusReason="Preflight" statusDescription="Preflight" />
</rule>
</rules>
<rewriteMaps>
<rewriteMap name="AllowedOrigins">
<add key="http://somedomain:8080" value="http://localhost:8080" />
</rewriteMap>
</rewriteMaps>
<outboundRules>
<rule name="Set-Access-Control-Allow-Origin for known origins">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern=".+" negate="true" />
<conditions>
<add input="{AllowedOrigins:{CAPTURED_ORIGIN}}" pattern=".+" />
</conditions>
<action type="Rewrite" value="{C:0}" />
</rule>
</outboundRules>
</rewrite>
<tracing>
<traceFailedRequests>
<add path="*">
<traceAreas>
<add provider="WWW Server" areas="Rewrite" verbosity="Verbose" />
</traceAreas>
<failureDefinitions timeTaken="00:00:00" statusCodes="500" verbosity="Error" />
</add>
</traceFailedRequests>
</tracing>
</system.webServer>
I had a lot of issues trying to use URL Rewrite module to enable CORS, after a lot of troubleshooting I found that for IIS 7.5+ you can use IIS CORS Module: https://www.iis.net/downloads/microsoft/iis-cors-module
Your web.config should be something like this:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<cors enabled="true" failUnlistedOrigins="true">
<add origin="http://localhost:8080" allowCredentials="true">
<allowMethods>
<add method="POST" />
</allowMethods>
</add>
</cors>
</system.webServer>
</configuration>
You can find the configuration reference in here: https://learn.microsoft.com/en-us/iis/extensions/cors-module/cors-module-configuration-reference

IIS 8.5 URL Rewrite with web service exceptions

I have an HTTPS redirect set up in a URL Rewrite. Everything works but I need to exclude some server ports for web services that are not going to be included in the SSL.
<rewrite>
<rules>
<rule name="HTTPS Redirect" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{SERVER_PORT}" pattern="1010" />
<add input="{SERVER_PORT}" pattern="1212" />
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
When I add the server port exception, the web services work but I don't get my redirect on the http calls.
The solution turned out to be a missing attribute....
<add input="{SERVER_PORT}" pattern="1010" negate="true"\>

URL Rewrite - Redirect to different port and changing URL using map

I want to rewrite URL to redirect to different port, based on HTTP_URL while preserving rest of URL and query string (if specified).
For example,
http://host/john/page.aspx should be redirected to http://host:1900/page.aspx,
http://host/paul/anotherpage.aspx?query to http://host:1901/anotherpage.aspx?query
and http://host/ringo to http://host:1902/
I've added bunch of rules for every allowed port, but it does not look efficient or manageable.
I'm trying to employ map, (ie john->1900, paul->1901) but cannot figure out how to assemble desired URL.
Any suggestions?
It took some fiddling to get it working but looking back at it the solutions is quite simple and elegant.
<rewrite>
<rules>
<clear />
<rule name="Redirect known names to ports" stopProcessing="true">
<match url=".*" />
<conditions trackAllCaptures="true">
<add input="{REQUEST_URI}" pattern="/(.*?)/(.*)" />
<add input="{NameToPort:{C:1}}" pattern="(.+)" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}:{C:3}/{C:2}" appendQueryString="false" redirectType="Permanent" />
</rule>
</rules>
<rewriteMaps>
<rewriteMap name="NameToPort">
<add key="john" value="1900" />
<add key="paul" value="1901" />
<add key="ringo" value="1902" />
</rewriteMap>
</rewriteMaps>
</rewrite>
Let me know if this is what you were looking for.

Resources