URL Rewrite from https to http for one page - http

I need to do a URL redirect for a single page. If the client visits https://example.com/default.aspx I need to send to http://example.com/default.aspx and having little success so far. Can anyone shed some light on the best way to limit restrict which page is directed?
Currently what I have is working, but causes a re-direct loop for the pages I do want to be https.
<rule name="ForceNonHttps" stopProcessing="true">
<match url="(.*)default/(.*)" ignoreCase="true" negate="true" />
<conditions>
<add input="{SERVER_PORT}" pattern="^443$" />
</conditions>
<action type="Redirect" redirectType="Found" url="http://{HTTP_HOST}{REQUEST_URI}" />
</rule>

The rewrite rule below worked great for me!
<rule name="default.aspx HTTPS to HTTP" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAny">
<add input="{URL}" pattern="https://example.com/default.aspx$" />
</conditions>
<action type="Redirect" appendQueryString="false" url="http://example.com/default.aspx" redirectType="Permanent" />
</rule>

Related

Redirect HTTPS to HTTP for specifc page and its underlaying rsources

I have requirement in which i am redirecting any http request to https i.e http://test.amey.com/sitename to https://test.amey.com/sitename
To achive this i am applying following rule in IIS url rewrite
<rule name="HTTP to HTTPS Redirect" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/sitename" />
</rule>
The above rule works fine which redirects any http request to https.
But I have another requirement in which i want to redirect https request to http for certain pages and anything below it i.e
https://test.amey.com/sitename/reports/index - (where reports is controller name and index being action method)
to >
http://test.amey.com/sitename/reports/index
Reports have more pages under this directory, so i want to apply rule anything under reports should redirect to http i.e
https://test.amey.com/sitename/reports/sales
to
http://test.amey.com/sitename/reports/sales
https://test.amey.com/sitename/reports/weeklysale to http://test.amey.com/sitename/reports/weeklysale
I have been looking for solution for sometime but can not figure anything out. Any help will be great advantage.
Thank You
Solution below always redirect user to Https but with exception of some pages defined in condition.
<rule name="Redirect to HTTPS">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="OFF"/>
<add input="{URL}" pattern="(.*)reports" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{HTTP_URL}" redirectType="Permanent" appendQueryString="false" />
</rule>
<rule name="Redirect to HTTP">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="ON"/>
<!-- condition below will satisfy that any URL request containing Reports will redirect to http -->
<add input="{URL}" pattern="(.*)reports" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}{HTTP_URL}" redirectType="Permanent" appendQueryString="false" />
</rule>

Redirect rule in UrlRewrite module not working as expected IIS

the need is to redirect every non www hit to www urls and for doing that i have following rule
<rule name="WWW" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^domain\.com$" />
</conditions>
<action type="Redirect" url="http://www.{HTTP_HOST}/{R:1}" />
</rule>
what is does right now- it redirects every hit of non www url to my home page (www.domain.com)
Expected- it should redirect domain.com/subpage to www.domain.com/subpage
you can try this,it's work for me
<rule name="www" >
<match url="(.*)" ignoreCase="true" />
<conditions>
<add input="{HTTP_HOST}" pattern="^example\.com" />
</conditions>
<action type="Redirect" url="http://www.example.com/{R:1}" redirectType="Permanent" />
</rule>
the problem was with my New HAProxy LB cluster which was doing some sort of redirection with its own, redirect rule is fine. fixed it with the help of IT

IIS rewrite rule to redirect https to http not working

There's lots of questions here about redirecting http to https so I figured it would be easy to reverse the process. However, everything I've tried hasn't worked.
I'm trying to combine the rule with my canonical host name rule (it's the first rule, at the top of the rewrite rules):
<rule name="CanonicalHostName" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTPS}" pattern="^ON$" />
<add input="{HTTP_HOST}" negate="true" pattern="^www\.example\.com|example-staging\.azurewebsites\.net$" />
</conditions>
<action type="Redirect" url="http://www.example.com/{R:1}" redirectType="Permanent" />
</rule>
The site is hosted on Azure and DNS is with CloudFlare if that makes any difference, I'm sure it shouldn't.
Any ideas what I'm doing wrong / might be preventing the https to http part of the rule working? (the host name part works fine)
CloudFlare
It seems the reason you cannot redirect away from SSL is because you are using CloudFlare. CloudFlare at a minimum uses flexible SSL. This means that the end user, browser shows the SSL lock but your server doesn't need SSL. See documentation here: https://www.cloudflare.com/ssl
Without CloudFlare the following example should work.
No CloudFlare
The following rule should work. You could still add your negate in if you want.
<rule name="HTTPS to HTTP redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="on" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="http://{HTTP_HOST}/{R:1}" />
</rule>
Full rewrite section for my working demo site.
<rewrite>
<rules>
<rule name="CanonicalHostNameRule1">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.ashleymedway\.com$" negate="true" />
</conditions>
<action type="Redirect" url="http://www.ashleymedway.com/{R:1}" />
</rule>
<rule name="HTTPS to HTTP redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/{R:1}" redirectType="Found" />
</rule>
</rules>
</rewrite>
Your redirect is still http:
url="http://www.example.com/{R:1}"
You can follow these instructions: Click Here
Additional information: Here

Force https redirect on all http requests on IIS

I want to force all http requests to redirect to https, so I now have this rule:
<rules>
<clear />
<rule name="force https" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP}" pattern="on" ignoreCase="true" />
<add input="{HTTP_HOST}" pattern="(sitea\.com)|(sitea\.uk)|(sitea\.org)" negate="true" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
</rule>
</rules>
But when I request for example http://www.sitea.com, it does not redirect to https://www.sitea.com.
(on a sidenote: I was also wondering if this has any negative effect on SEO)
This is what we use
<rule name="httpsredirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
</rule>
I can see a few differences - we have {R:1} where you have {REQUEST_URI} and we just have one condition entered which turns off https so only the http is redirected, that is perhaps where you are going wrong.
As for SEO - that is a big subject - but since you are doing a Permanent redirect, the search engines will recognize that and take the url out of their index, and use the https one instead.

Rewriting URLs from https:// to http:// in IIS7

I'm trying to rewrite urls from the form:
https://example.com/about
to the form
http://example.com/about
using IIS7 URL rewriting:
<!-- http:// to https:// rule -->
<rule name="ForceHttpsBilling" stopProcessing="true">
<match url="(.*)billing/(.*)" ignoreCase="true" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="false" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
<!-- https:// to http:// rule -->
<rule name="ForceNonHttps" stopProcessing="true">
<match url="(.*)billing/(.*)" ignoreCase="true" negate="true" />
<conditions>
<add input="{SERVER_PORT}" pattern="^443$" />
</conditions>
<action type="Redirect" redirectType="Found" url="http://{HTTP_HOST}{REQUEST_URI}" />
</rule>
I'm at a loss; I've been browsing the web for examples and trying every syntax I can think of. The rewrite rules I specify simply don't appear to work at all for any https requests, as if all the https:// requests are flat out invisible to the rewrite engine.
rules work fine; see answer below.
Turns out that I had port :443 bound to a different website!
The above rewrite rules work fine for http:// to https:// rewriting and vice-versa -- though there might be more optimal or simple ways to do it.
Leaving this question here for future voyagers to find, as I didn't see many good examples of the https:// to http:// rewriting scenario on the web.
This post is a little old, but I wanted to answer. I am using ASP.Net MVC3, and Fabio's answer above didn't work for me. The easiest solution I came up with to handle the https redirect to http, while still allowing valid https pages to request secure content was just to add Whitelist rules above my https/http redirects:
<rule name="WhiteList - content folder" stopProcessing="true">
<match url="^content/"/>
<conditions logicalGrouping="MatchAll" trackAllCaptures="false"/>
<action type="None"/>
</rule>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)billing/(.*)" ignoreCase="true" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/billing/" redirectType="SeeOther" />
</rule>
<rule name="ForceNonHttps" stopProcessing="true">
<match url="(.*)billing/(.*)" ignoreCase="true" negate="true" />
<conditions>
<add input="{SERVER_PORT}" pattern="^443$" />
</conditions>
<action type="Redirect" redirectType="Found" url="http://{HTTP_HOST}{REQUEST_URI}" />
</rule>
please first consider binding https to your website for making below redirect module to work is essential (so bind your web app with a self-signed or valid certificate)
final part in web.config to redirect https to http:
<rewrite>
<rules>
<rule name="Force NonHTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/{REQUEST_URI}" />
</rule>
</rules>
</rewrite>
if you need the equivalent IIS GUI in rewrite module see below image
source: look tech-net for more detail and step by step guide.
Your solution work, but the problem is: your second instruction kill first instruction for any links is not (.)billing/(.), including your css, js, and images.
You can use this https to http rule:
<rule name="HTTPS to HTTP redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{RequiresSSL:{R:1}}" pattern="(.+)" negate="true" />
<add input="{HTTPS}" pattern="on" ignoreCase="true" />
<add input="{REQUEST_URI}" pattern="^(.+)\.(?!aspx)" negate="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="http://{HTTP_HOST}/{R:1}" />
</rule>

Resources