I have a simple IIS rule to redirect HTTPS to HTTP:
<rule name="HTTPS" enabled="true" stopProcessing="true">
<match url=".*\.(asp)$" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="on" />
<add input="{REQUEST_URI}" negate="true" pattern="^/ecards/user*" ignoreCase="true" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
The matching url will only work on .asp files, but how can I also get it to work for root directories?
E.g.
example.com
example.com/
example.com/test
example.com/test/
I don't want to just have the match URL as:
<match url="(.*)" />
Because then other non .asp files get rewritten.
One way to include directories in your rule is to exclude everything else.
Assuming that everything else has a file extension (e.g. .php, .css. .js, etc.) you can negate all input that has the . in the path.
I changed your code a bit to make a working demo locally (I don't have HTTPS locally to test so instead of redirecting to HTTP I set it to redirect to About.aspx) and the two rules are:
<rule name="HTTPS" enabled="true" stopProcessing="true">
<match url=".*\.(asp)$" ignoreCase="false" />
<action type="Redirect" url="/About.aspx" appendQueryString="true" redirectType="Permanent" />
</rule>
<rule name="NEWRULE" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{REQUEST_URI}" negate="true" pattern=".*\.(.)$" ignoreCase="true" />
<add input="{REQUEST_URI}" negate="true" pattern="^/About*" ignoreCase="true" />
</conditions>
<action type="Redirect" url="/About.aspx" appendQueryString="true" redirectType="Permanent" />
</rule>
So, based on your original code sample, a new rule that will work for you would be similar to this:
<rule name="IncludeDirectories" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{REQUEST_URI}" negate="true" pattern=".*\.(.)$" ignoreCase="true" />
<add input="{HTTPS}" pattern="on" />
<add input="{REQUEST_URI}" negate="true" pattern="^/ecards/user*" ignoreCase="true" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
Note: The above approach is rather aggressive. You could replace this condition:
<add input="{REQUEST_URI}" negate="true" pattern=".*\.(.)$" ignoreCase="true" />
with the following:
<add input="{REQUEST_URI}" negate="true" pattern=".*\.(php|css|js|jpg|gif|png)$" ignoreCase="true" />
Where you exclude specific extensions. You add as many as you want.
Edit: If you want to have specific pages still with HTTPS maybe the following rule will be helpful (haven't tested it though). The previous rule sends to HTTP all URLs except those that have /ecards/user where this one sends to HTTPS those that have /ecards/user. I believe there will be no conflict.
<rule name="HTTPS2Admins" enabled="true" stopProcessing="true">
<match url="/ecards/user(.*)" />
<conditions>
<add input="{HTTP}" pattern="on" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/ecards/user{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
Related
I used below code for http to https redirect, but don't know how to update domain and https at same time with multiple rules.
Thanks for your help
<!--Examples-->
Example 1:
input : http://prodServer/MyApplication
Expected Output: https://prodServer.mycompany.com/MyApplication
Example 2:
input : https://prodServer/MyApplication
Expected Output: https://prodServer.mycompany.com/MyApplication
Example 3
input : http://prodServer.mycompany.com/MyApplication
Expected Output : https://prodServer.mycompany.com/MyApplication
code
<system.webServer>
<rewrite>
<rules>
<rule name="httpsRedirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
We just write two URL rules for the requirement. One for forcing the HTTP request to https request, another for converting the hostname to the actual server name.
<rewrite>
<rules>
<rule name="Force Https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{https}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />
</rule>
<rule name="Myrule2" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="prodServer" />
</conditions>
<action type="Redirect" url="https://prodServer.mycompany.com/MyApplication" />
</rule>
</rules>
</rewrite>
Note: StopProcessing flag has no influent on the Redirect action, thereby these two rules will be performed properly on the server-side when an Http request received.
Feel free to let me know if the problem still exists.
it worked for me with
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="^prodServer$" />
</conditions>
instead of
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="prodServer" />
</conditions>
Using the Web.config only, I need to redirect all traffic to a new domain, yet also:
1) preserve subdomains
2) preserve query parameters
3) if "http" and not "https" change to "https" while doing the above
I can easily handle enforcing HTTPS, and I have seen many references to redirects for domains, but have not found any that preserve the subdomains while changing to the root domain.
<rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" stopProcessing="true">
<match url="^(.*)$" />
<conditions trackAllCaptures="true">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^localhost(:\d+)?$" negate="true" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^127\.0\.0\.1(:\d+)?$" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
'The above works to change http to https, but does not help with the need to change the domain. I have also seen this below which almost works:'
<rule name="redirect" enabled="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="false" pattern="^(.*)\.foo\.com" />
</conditions>
<action type="Redirect" url="https://{C:1}.bar.com/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
...but removes the subdomain:
http://x.foo.com > https://.bar.com
Examples of what it needs to do:
http://x.foo.com > https://x.bar.com
https://y.foo.com > https://y.bar.com
https://x.foo.com/blah.aspx?param=blue > https://x.bar.com/blah.aspx?param=blue
http://y.foo.com/blah.aspx?param=blue > https://y.bar.com/blah.aspx?param=blue
Okay, I have come up with the following solution that does exactly what I have needed (see above requirements). I did this by adding two independent rule blocks: one to ensure HTTPS, and the other to do a redirect to the other domain if necessary. I sense that this does double the traffic if the visit needs both 1) HTTP to HTTPS and 2) direct to the new domain (from *.foo.com > *.bar.com) but at least it works. Not sure if it could be tweaked into one rule to save hits?
<rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" stopProcessing="true">
<match url="^(.*)$" />
<conditions trackAllCaptures="true">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^localhost(:\d+)?$" negate="true" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^127\.0\.0\.1(:\d+)?$" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther"/>
</rule>
<rule name="Redirect to new domain" enabled="true">
<match url="(.*)$" />
<conditions trackAllCaptures="true">
<add input="{HTTP_HOST}" negate="false" pattern="^(.*)\.foo\.com" />
</conditions>
<action type="Redirect" url="https://{C:1}.bar.com/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
I have a webiste that runs https. Now some programmers need a subfoder that has no https.
This is what i have in my web.config right now:
<rule name="HTTP Redirect to HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
We need the folder "wp-content\rest" to be excluded from this https redirect.
In hope someone can help me with this one.
You need to add an additional condition into your rule:
<rule name="HTTP Redirect to HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
<add input="{REQUEST_URI}" pattern="^/wp-content/rest" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
Then this rule will disable redirects to all urls like that http://www.example.com/wp-content/rest*
I am using this rule in IIS 7
<rule name="Convert to lower case" enabled="true" stopProcessing="true">
<match url=".*[A-Z].*" ignoreCase="false" />
<conditions>
<add input="{URL}" pattern="(.*)/admin/*" negate="true" />
</conditions>
<action type="Redirect" url="{ToLower:{R:0}}" redirectType="Permanent" />
</rule>
How do I modify it so that it only redirects the urls that the user is likely to see in the browser like /MyPage.aspx and /MyPage and perhaps /MyPage.htmL
EDIT: I ended up using this: (this solves problem with DotNetNuke and reduces unnecessary redirects)
<rule name="Convert to lower case" enabled="true" stopProcessing="true">
<match url=".*[A-Z].*" ignoreCase="false" />
<conditions>
<add input="{URL}" pattern="(.*)/(admin|desktopmodules|host|tabid)/*" negate="true" />
<add input="{URL}" pattern="^.*\.(xml|ashx|axd|css|js|jpg|jpeg|png|gif)$" negate="true" ignoreCase="true" />
</conditions>
<action type="Redirect" url="{ToLower:{R:0}}" redirectType="Permanent" />
</rule>
For Extensionless and ASPX only to lowercase:
<rule name="LowerCaseRule" stopProcessing="true">
<match url="[A-Z]" ignoreCase="false" />
<action type="Redirect" url="{ToLower:{URL}}" />
<conditions logicalGrouping="MatchAny">
<add input="{REQUEST_FILENAME}" pattern="\.aspx$" />
<add input="{REQUEST_FILENAME}" pattern="\." negate="true" />
</conditions>
</rule>
\.aspx$ matches file names that end with .aspx ($ is end of line)
\. matches anything with a dot in the file name (that wasn't already matched) and negates it from the match
I have the following redirect rules one is for non www url (http://mysite.co.uk/....) and the other is for a www URL to redirect to http://www.mysite2.co.uk/...
Currently the rules are a catch all. I don't want the rules to execute if a certain URL is hit which contains "/mystring/mystring.aspx".
Can anyone help me write the rules for this?
<rule name="Canonical Host Name - mysite" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(?:www|[^.]+\.)*mysite\.co.uk$" />
</conditions>
<action type="Redirect" url="http://www.mysite2.co.uk/{R:1}" redirectType="Permanent" />
</rule>
<rule name="Canonical Host - mysite 2" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.mysite\.co.uk$" />
</conditions>
<action type="Redirect" url="http://www.mysite2.co.uk/{R:1}" redirectType="Permanent" />
</rule>
You should be able to accomplish this by adding to the conditions, and using negate="true". Something like this:
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="^(?:www|[^.]+\.)*mysite\.co.uk$" />
<add input="{PATH_INFO}" pattern="mystring\/mystring\.aspx" negate="true" />
</conditions>