My site is asp.net.
I have a wordpress blog in the blog folder and everything works great.
My main web.config has a working rule that forces https on everything.
I have successfully added a rule in the web.config in the blog folder not to redirect to https.
My problem is that I want to exclude the wp-content/uploads/* folder from that rule.
i.e. I want the images in the upload folder to be allowed to load on https too.
(My reason is that I refer to them in my main site and the way it is, I get security messages that I have insecure content on my https pages)
My code is:
<rule name="Remove https" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_URI}" pattern="^wp-content/uploads/.*" negate="true" />
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/blog/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
What am I doing wrong?
Thanks
Your code in problem dear plz try below code can this help you.
Something Wrong in your pattern of "^wp-content/uploads/.*" you try below code can this help you.
<rule name="Remove https" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_URI}" pattern="^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*)" negate="true" />
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/blog/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
Related
Maybe someone can help me out.
I have two rules in my web.config, one for pre-render and one for Vue.
I have stacked them like this:
<rules>
<rule name="prerender.io" stopProcessing="true">
<match url="(\.js|\.json|\.css|\.xml|\.less|\.png|\.jpg|\.jpeg|\.gif|\.pdf|\.doc|\.txt|\.ico|\.rss|\.zip|\.mp3|\.rar|\.exe|\.wmv|\.doc|\.avi|\.ppt|\.mpg|\.mpeg|\.tif|\.wav|\.mov|\.psd|\.ai|\.xls|\.mp4|\.m4a|\.swf|\.dat|\.dmg|\.iso|\.flv|\.m4v|\.torrent|\.ttf|\.woff|\.svg)" negate="true" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_USER_AGENT}" pattern="googlebot|bingbot|yandex|baiduspider|facebookexternalhit|twitterbot|rogerbot|linkedinbot|embedly|quora\ link\ preview|showyoubot|outbrain|pinterest\/0\.|pinterestbot|slackbot|vkShare|W3C_Validator|whatsapp" />
<add input="{QUERY_STRING}" pattern="_escaped_fragment_" />
</conditions>
<serverVariables>
<set name="HTTP_X_PRERENDER_TOKEN" value="<removed>" />
</serverVariables>
<action type="Rewrite" url="https://service.prerender.io/https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" logRewrittenUrl="true" />
</rule>
<rule name="Vue" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_URI}" pattern="^/api/.*" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="/" />
</rule>
</rules>
The problem is, when googlebot tries to access my site, most of the time it comes back with a URL Rewrite error 500. If I remove googlebot from the prerender rule, it will stop throwing the rewrite error, which leads me to believe the issue is with that rule, but their support team tell me it's not.
Can anyone see any glaringly obvious issues with my rules? Or know something I am missing?
It turns out this was due to ARR proxy not being turned on.
Because I host on Azure, it had to create a new file called applicationHost.xdt and add this:
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<system.webServer>
<proxy xdt:Transform="InsertIfMissing" enabled="true" preserveHostHeader="false"
reverseRewriteHostInResponseHeaders="false" />
<rewrite>
<allowedServerVariables>
<add name="HTTP_X_PRERENDER_TOKEN" xdt:Transform="InsertIfMissing" />
</allowedServerVariables>
</rewrite>
</system.webServer>
</configuration>
If you use IIS, you can follow this link:
https://learn.microsoft.com/en-us/iis/extensions/configuring-application-request-routing-arr/creating-a-forward-proxy-using-application-request-routing
I have two domains baddomain.com and gooddomain.com which are pointing to the same hosting service. I have bought SSl certificate and now I want to redirect Bad one to the good one which has SSL installed. I wrote these rules and it works on Chrome but not in IE and firefox. Bad domain redirects to https instead of redirecting to good domain. Thanks.
<!--Redirect from bad domain to good one-->
<rule name="BadtoGood" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="baddomain.com" />
</conditions>
<action type="Redirect" url="https://gooddomain.com/{R:0}" redirectType="Permanent" />
</rule>
<!--Force https on good domain -->
<rule name="forceHTTPS" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" negate="false" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="off" />
<add input="{HTTP_HOST}" pattern="localhost" negate="true" />
</conditions>
<action type="Redirect" url="https://gooddomain.com/{R:0}" redirectType="Permanent" />
</rule>
The reason was that I had enabled force https through the website control panel and it was overriding the downstream settings in web.config.
In my case this was the path:
Plesk for windows > Websites and domains > Hosting setting
Window 2016 / IIS 10.
I want to block all requests that are using the servername:portnumber/service and enforce the use of DNS-aliases. Problem at the moment seems to be that when the rule "Allow SOAPUI" matches it does not stop processing and therefore the last one kicks in and blocks SOAPUI
<rule name="Allow SOAPUI" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="dsttst100*" />
<add input="{HTTP_USER_AGENT}" pattern="*SOAPUI*" negate="true" />
</conditions>
<action type="Rewrite" url="http://redirect.to.what" />
</rule>
<rule name="Only allow requests from loadbalancer" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false">
<add input="{REMOTE_ADDR}" pattern="111.22.55.11" negate="true" />
</conditions>
<action type="CustomResponse" statusCode="403" subStatusCode="6" statusReason="Only allowed from IISAR01 (use DNS) or using SOAPUI" statusDescription="Use dns-alias" />
</rule>
While trying do describe my issue I did figure out the solution - at least one possible solution. The reason for the second rule being triggered is that whenever a request with servername:port and SOAPUI user agent was triggered it did not match the first rule...since it was SOAPUI. Solution was to create a second rule with action type none if servername:portnumber AND SOAPUI.
<rule name="Servername - allow SOAPUI" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="dsttst100*" />
<add input="{HTTP_USER_AGENT}" pattern="*SOAPUI*" />
</conditions>
<action type="None" />
</rule>
This will then prevent the last rule to be processed.
I have my .net mvc website hosted in liquid web cloud. I wanted to redirect all website users if they enter the following url http://example.com,http://www.example.com,https://example.com
to https://www.example.com ( i.e. consistent url not matter how they enter)
i tried the following code in web.config but no luck.
<rule name="Redirect Non WWW" stopProcessing="true" >
<match url="^(http\.)(.*)$" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="^https://www.example.com$" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="https://www.example.com/{R:0}" appendQueryString="true" />
</rule>
Domain is already registered as www.example.com and SSL is enabled on the domain.
You have used MatchAll and also set the condition that url should have https to start rediretion! Just change it to having http instead:
incorrect:
<add input="{HTTP_HOST}" pattern="^https://www.example.com$" />
correct:
<add input="{HTTP_HOST}" pattern="^http://www.example.com$" />
Since you're going to force a redirect to use HTTPS, (.*) will match all URLs and you can set the pattern to off.
<rule name="HTTP to HTTPS Redirection" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
</rule>
Update:
There isn't any problem with method 1, but also adding this for those who visit this post later.
Method 2:
<rule name="HTTP to HTTPS Redirection" enabled="true">
<match url="(.*)" />
<action type="Redirect" url="https://www.example.com/{REQUEST_URI}" appendQueryString="true" redirectType="Permanent" />
</rule>
I have site hosted IIS with hidden extentions
using this rule
<rule name="Hide .html ext">
<match ignoreCase="true" url="^(.*)"/>
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true"/>
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true"/>
<add input="{REQUEST_FILENAME}.html" matchType="IsFile"/>
</conditions>
<action type="Rewrite" url="{R:0}.html"/>
</rule>
<rule name="Redirecting .html ext" stopProcessing="true">
<match url="^(.*).html"/>
<conditions logicalGrouping="MatchAny">
<add input="{URL}" pattern="(.*).html"/>
</conditions>
<action type="Redirect" url="{R:1}"/>
</rule>
The main problem is that i have file that without extension has same naming that one of my folder
for example
wwwroot/page.html
wwwroot/page/page.html
When this rule applying server return
403 - Forbidden on when i call www.test.com/page
and all works fine when i call www.test.com/page/page
Is it possible to configure url rewrite module to correct work with both of this path?
You can do some workaround for that problem. If you will delete this condition: <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true"/>
Then your HTML page will work for this url www.test.com/page and www.test.com/page/page but will not for www.test.com/page/ (it will return forbidden).
If page.html is single exception in your system and you will not have the same collisions, then you can also do in another way, create the additional rule for your url. Just add this rule before Hide .html ext rule:
<rule name="Exception for page" stopProcessing="true">
<match url="^(page)(\/?)$" />
<action type="Rewrite" url="{R:1}.html" />
</rule>
In this case, all URLs will work correctly:
www.test.com/page
www.test.com/page/
www.test.com/page/page