URL rewrite web.config with location https - http

I want to redirect my extranet site to https I have the following web.config rule:
<location path="." inheritInChildApplications="false">
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" `enter code here`ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}"
redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</location>
The problem comes because I have several services hosted on my server that are children, and I don't want them to redirect too, I just want to redirect the site not the services.

One way to do this is to by default redirect to HTTPS except for a specified list of folders. In the below example, folders /service1/ and /service2/ are excluded from redirection. Everything else goes to HTTPS.
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
<!-- avoid redirection for the following paths -->
<add input="{PATH_INFO}" pattern="^/service1/" ignoreCase="true" negate="true" />
<add input="{PATH_INFO}" pattern="^/service2/" ignoreCase="true" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>

Related

web config rewrite rule to force http to https on multi tenancy application

i have a multi tenancy portal system but the rewrite rule is not working on multiple conditions
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="^(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
<add input="{HTTPS1}" pattern="^(website1\.com|www\.website1\.com)$" />
<add input="{HTTPS2}" pattern="^(website2\.com|www\.website2\.com)$" />
<add input="{HTTPS3}" pattern="^(website3\.com|www\.website3\.com)$" />
<add input="{HTTPS4}" pattern="^(website4\.com|www\.website4\.com)$" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
</rule>
I expect That when i visit http://portal.website1.com on my webs browser, that the program should take me to https://portal.website1.com and to do the same for portal.website2.com, portal.website3.com,portal.website4.com
but it only works for portal.website2.com and portal.website3.com , it does not force https on portal.website1.com and portal.website4.com
Try this in system.WebServer:
<system.webServer>
....
<rewrite>
<rules>
<rule name="Force HTTPS" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URO}" redirectType="Temporary" />
</rule>
</rules>
</rewrite>
</system.webServer>

URL Rewrite to a subdomain

I am using the Rewrite tool for ASP.NET to redirect from http to hpps. I want to reroute to
https://services.net/ExitInterview/home/about
But currently it is routing to
https://services.net/home/about
Below is my redirect rule:
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}"
redirectType="Permanent" />
</rule>`
Can I mix the "HTTP_HOST" text with hard-coded text in the rule string? Or is there another way?
I don't want to hard code the url because it changes with local, staging, and production.
<rule name="HTTP to HTTPS redirect" ="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/ExitInterview/{R:1}"
redirectType="Permanent" />
</rule>
Give this a try
This should do what you want in terms of redirecting to HTTPS from HTTP in a web.config file:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<httpRuntime executionTimeout="180" />
</system.web>
<system.webServer>
<httpErrors errorMode="Detailed" existingResponse="PassThrough" />
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
I use this exact snippet for a webserver that enforces HTTPS redirection, but that also seems to be pretty close to what you have. Are you sure you have configured the structure of the web.config file correctly? - I remember running into issues when I would leave out something.

Redirection from "https://www" to "https://"

We have the ASP.NET application hosted as Azure WebApp and configured the domain from GoDaddy. We bought SSL for non-www domain. We used the following redirection rule:
<rewrite>
<rules>
<rule name="Redirect to Example.com">
<match url="(.*)"/>
<conditions>
<add input="{HTTP_HOST}" pattern="^(?!^Example.com)" />
</conditions>
<action type="Redirect" url="https://Example.com/{R:1}"/>
</rule>
<rule name="Redirect to https">
<match url="(.*)"/>
<conditions>
<add input="{HTTPS}" pattern="Off"/>
<add input="{REQUEST_METHOD}" pattern="^get$|^head$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}"/>
</rule>
</rules>
</rewrite>
Is there a way to add another rule to redirect request to "https://www" to "https://"?
Thanks,
Jay
I had a similar challenge with my Windows hosting since I have a wildcard cert and host a few subdomains. Here's the web.config I put together, give it a shot and let me know! It seems to work great for me, but my site is extremely simple.
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name="Redirect to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
<rule name="remove www" stopProcessing="true">
<match url="(.*)" ignoreCase="true" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.YourDomain\.com$" />
</conditions>
<action type="Redirect" url="https://YourDomain.com/{R:0}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>

How do I redirect all but a single url to https in ASP.Net?

I have the following code in my web.config:
<rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}"
redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
I would like to redirect everything EXCEPT for http://www.mysite.com/manual to https.
How would I modify the above to allow this?
It should be ok with adding the following code in your conditions tag
<add input="{REQUEST_URI}" negate="true" pattern="^/manual/*" ignoreCase="true" />

Redirect only when no subdirectories are selected

I'm trying to to redirect on xyz.sample.com to www.sample.com/order/xyz, which works fine, but the problem is now that resources like xyz.sample.com/js/file.js redirects to www.sample.com/order/xyz/js/file.js which is no right, how can i only do the redirection when the url is just xyz.sample.com and im not trying to access anything inside, below is my rewrite rule:
<rewrite>
<rules>
<rule name="Rewrite service provider to web ordering page" enabled="true" stopProcessing="true">
<match url="^(.*)$" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(.*)\.sample\.com$" ignoreCase="true" />
<add input="{HTTP_HOST}" negate="true" pattern="^manage\.sample\.com$" ignoreCase="true" />
</conditions>
<action type="Rewrite" url="order/{C:1}" />
</rule>
</rules>
</rewrite>
Thanks.

Resources