I recently got a SSL certificate for my website and want to redirect all traffic to HTTPS. I got everything to go to https://mydomain.com but if someone enters http://mydomain.com/anotherpage it drops the other page and just takes the user to the home page.
My rule in my web.config file looks like this:
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
I also tried https://{HTTP_HOST}{REQUEST_URI} without any success. Can anyone tell me what I need to do to make the website redirect to the proper HTTPS version of the page? I have a feeling it has something to do with the pattern, but I can't seem to figure out the syntax.
I found a way to do this, and you don't need the Rewrite module for it. The following worked for me on Windows 8 (IIS 8.5):
Remove the HTTP binding from your site (leave HTTPS in place)
Add another site
Make sure that the new site has HTTP binding
Configure HTTP Redirect as shown:
Now all HTTP request will redirect to your HTTPS site and will preserve the rest of the URL.
Change it to:
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
I had the same problem where the R:1 was dropping my folders.
I fixed it like this.
<rule name="http to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}"
appendQueryString="false" redirectType="SeeOther" />
</rule>
I can't comment yet or I'd leave this as a comment under AndyH's answer. The solution was correct, though I hit a single further snag (likely tied to the use of Adobe's Coldfusion server). I wanted to share some further research I had to do for any other unfortunate soul who may run into it.
Once set up, the redirect would always end at this url:
https://xxx.xxx.com/jakarta/isapi_redirect.dll
The fix for this was found in an Adobe thread (https://forums.adobe.com/thread/1034854): I had to change an application pool's settings as follows:
Real site (HTTPS binding only, actually contains code and virtual directories)
Application pool's Advanced Settings: Enable 32-Bit Applications : False
Http_Redirect site (HTTP binding only, is a blank shell of a folder with no directories)
Application pool's Advanced Settings: Enable 32-Bit Applications : True
EDIT: Another detail, tied to query string preservation:
Per suggestion in this post (http://www.developerfusion.com/code/4678/permanent-301-redirect-with-querystring-in-iis/)
Add $S$Q at the end of the domain and make sure the box for Redirect all requests to exact destination is checked. Then it will save the query string as well.
I believe AndyH's answer to be the easiest and best way. I have found using the URL rewrite can also conflict with code that may redirect the user to another page. IT commonly broke in our environment. But Andy's solution worked flawlessly. I also think Andy's solution will put less overhead on the server as it doesn't need to examine every url hitting it for possible re-write conditions.
I found a workaround:
Consider what in IIS is consired a website: simply a set of rules, the path in which get files and its bindings.
Furthermore, there's available a function called "HTTP Redirect" (included standardly in IIS), that redirect an host to another, keeping all subdirectory (it makes a relative path). The workaround is to leave just the binding for HTTPS (port 443) in your website, and create another with the binding on HTTP (port 80) and set for this an HTTP redirect to your URL with https://.
For example, consider a website called mytest and its urls http://www.mytest.com/ and https://www.mytest.com/.
Set for it instead only binding on https://www.mytest.com/, and delete the http binding. Then create a new website with the same local path, called mytest http with just a binding over port 80 (http://www.mytest.com/) and set for this one an HTTP Redirect to https://www.mytest.com/.
Simple and clean, and that should be as fast as directly the https url for the user, because it's just an internal redirect. I hope that can work for you!
You can add the URL Rewrite module to IIS (IIS 7 or higher) which allows you to add create the redirect in a visual way. The module can be downloaded here.
This step-by-step tutorial worked wonders for me and explains that when using this module, all it actually does is add some code to your web.config file as such:
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
I have found that the
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
syntax will only work for the website's ROOT web.config file.
If the rewrite rule is applied to a virtual web.config file, then use..
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}{URL}" />
The {URL} syntax will include the initial forward slash, the virtual path, and any URL parameters.
Related
I was trying to play with URL re-writing using the Rewrite Module 2.0 but I had no luck getting it to work. What I'm trying to do is re-write all calls to web app at port 80 to other applications hosted in IIS (or maybe on different servers on the network). Using the GUI provided by IIS I created the following rule:
<rewrite>
<rules>
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="site1/(.*)" />
<action type="Rewrite" url="http://localhost:7001/{R:1}" />
</rule>
</rules>
</rewrite>
Quiet simple, but unfortunately it does not work. On the other hand, when I change the action type to Redirect, it works fine.
What could be the problem?
I ran into this same issue yesterday, and it took me a long time to figure out.
The key here is that you've got an http:// prefix in your rewrite action; that makes this a special case that needs to be handled by Application Request Routing. The first step is to make sure that the Application Request Routing module is installed. You can find the module at https://www.iis.net/downloads/microsoft/application-request-routing. Once that is installed, go to your IIS web server (a level up from your web site), and open the Application Request Routing Cache feature. From the actions on the right, choose Server.Proxy.Settings, and make sure that the "Enable Proxy" checkbox is checked. This allows the URL rewrite task to be re-routed to Application Request Routing, and your reverse proxy should work for external requests.
The idea came from this excellent blog post from 2009: http://ruslany.net/2009/04/10-url-rewriting-tips-and-tricks/
Stumbled across this old post when I was trying to solve the same issue.
SOLVED!
Using Rewrite URL feature in IIS Services Manager I created a friendly URL rule.
This worked ok and when I looked at the rule in the web.config file (www root) it showed 1 rule to redirect and 1 rule to rewrite.
I edited this to suit 1 match. Then I just duplicated this code editing the product ID for each. Example below:
<rule name="RedirectUserFriendlyURL1" stopProcessing="true">
<match url="^product\.php$" />
<conditions>
<add input="{REQUEST_METHOD}" pattern="^POST$" negate="true" />
<add input="{QUERY_STRING}" pattern="^id_product=\b35\b" />
</conditions>
<action type="Redirect" url="990mm-bohemia-cast-iron-electric-radiator"
appendQueryString="false" />
</rule>
The first rule looks for the string "product.php" in the URL and "id_product=35", it then redirects to "990mm-bohemia-cast-iron-electric-radiator" which currently does not exist. Then (see below)
<rule name="RewriteUserFriendlyURL1" stopProcessing="true">
<match url="^\b990mm-bohemia-cast-iron-electric-radiator\b" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="product.php?id_product=35" />
</rule>
This rule rewrites the "product.php?id_product=35" bit to `990mm-bohemia-cast-iron-electric-radiator", creating the new location for the redirect.
Do make sure MVC routing doesn't steal your request. To prevent that from happening, ignore the route you're trying to rewrite:
RouteTable.Routes.Ignore("blog/{*pathInfo}");
Inspired by: https://sitecore.stackexchange.com/questions/3645/how-to-setup-a-reverse-proxy-with-sitecore
Change the Rewrite URL to AbsolutePath instead putting http://...
it should be
<action type="Rewrite" url="{R:1}" />
It worked for me, but in my case, I have been rewrite to a fixed webpage.
I'm attempting to write a rewrite rule for the following scenario.
User attempts to load this picture:
domain.com/images/folder/picture.jpg
and instead, I need it to load:
cdn.domain.com/images/folder/picture.jpg.
Here's what I have that isn't working:
<rule name="CDN rewrite for Images">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="domain.com" />
<add input="{REQUEST_URI}" pattern="^/images/folder/(.*)$" />
</conditions>
<action type="Rewrite" url="cdn.domain.com/images/folder/{C:1}" />
</rule>
UPDATE: Adding additional info. Most pictures are being served up from Joomla so while the root of the domain is something like domain.com, most images are input with a src="/images/folder/picture.jpg" Not quite sure how this is affecting the rewrite, but none of the options on cheesemacfly's answer below, are working...
UPDATE2: While cheesemacfly was unable to help me in my particular circumstances, I awarded him the bounty and marked his answer as the accepted one because he went above and beyond to try to help me in chat. Hopefully his answer will help someone with rewrites on IIS.
EDIT:
To be able to rewrite (and not only redirect) urls to outside websites, you need to install the Application Request Routing module and enable the proxy mode.
To do so:
Download and install the module
Open your IIS management console (inetmgr)
Select Your server node
Double click on Application Request Routing Cache:
Click on Server Proxy Settings on the Actions pane (right of the screen)
Check the box Enable proxy and click on Apply
The second step is about setting up your rules.
If you want your rewrite to be based on the path then use the following code:
<rewrite>
<rules>
<rule name="Rewrite to cdn domain">
<match url="^images/folder/(.+)$" />
<action type="Rewrite" url="http://cdn.domain.com/images/folder/{R:1}" />
</rule>
</rules>
</rewrite>
Or if you keep the same folder architecture on the second website you can simplify as follow:
<rewrite>
<rules>
<rule name="Rewrite to cdn domain">
<match url="^images/folder/(.+)$" />
<action type="Rewrite" url="http://cdn.domain.com/{R:0}" />
</rule>
</rules>
</rewrite>
If you want to catch only the files ending with a specific extension (let's say images):
<rewrite>
<rules>
<rule name="Forward to cdn domain">
<match url="^images/folder/.+\.(?:jpg|bmp|gif)$" />
<action type="Rewrite" url="http://cdn.domain.com/{R:0}" />
</rule>
</rules>
</rewrite>
Please refer to: http://www.iis.net/learn/extensions/url-rewrite-module/iis-url-rewriting-and-aspnet-routing (section "Which Option Should You Use?")
TIP:
The best way to test your pattern is to use the IIS test pattern tool.
At the root of your website -> URL Rewrite -> Create a blank rule -> click on test pattern:
If you don't get the expected result, you can debug your rewrite using the Failed Request Tracing tool
NOTE: Changing the rule to be a redirect instead of a rewrite fixes the problem. Ideally you want it to be a redirect but I have spent many hours trying to get the rewrite to work, and so far no solutions yet.
<rule name="Rewrite to images.cdn.com" enabled="true" stopProcessing="true">
<match url="images/(.+)$" ignoreCase="true" />
<action type="Redirect" url="http://images.cdn.com/{R:1}" />
</rule>
I've hosted a site in IIS but whenever I browse to the site I get 404.4. How can I solve this? I've referred several posts and they all say the issue is about staticfile but it is already mapped. What more can I do? Here is the attached picture of handler mappings in my iis 7.0
Any ideas?
EDIT:
I have this url rewriter set up:
<rules>
<rule name="Imported Rule 1-1" enabled="true" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{SERVER_PORT}" pattern="80" />
</conditions>
<action type="Rewrite" url="https://abc.com/{R:1}" />
</rule>
When I disable this rule the http:// request is correctly handled. But when I enable it, I get this error.
Yet another update:
If I replace this:
<action type="Rewrite" url="https://abc.com/{R:1}" />
with
<action type="Redirect" url="https://abc.com/{R:1}" />
It all works out pretty well.
I was having the exact same issue. I installed Application Request Routing component and then set the Proxy enabled and selected the Use URL Rewrite to inspect incoming requests entered the redirect url alias and mine worked
I've followed the instructions Learn IIS's webpage for adding static redirects with a rewrite map for my asp.net application.
The following is the config:
<rule name="Redirect rule1 for Information" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{Information:{REQUEST_URI}}" pattern="(.+)" />
</conditions>
<action type="Rewrite" url="{C:1}" appendQueryString="true" />
</rule>
And
<rewriteMaps>
<rewriteMap name="Information">
<add key="/Information/CorporateSales.aspx"
value="/KB/Information/CorporateSales" />
<add key="/Information/ComputerRepair.aspx"
value="/KB/Information/ComputerRepair" />
</rewriteMap>
</rewriteMaps>
This was even originally created by the wizard in IIS's manager for using rewrite maps.
So the idea is that /Information/CorporateSales.aspx --> /KB/Information/CorporateSales with a 301 redirect (MOVED PERMANENTLY).
However I'm just getting the original aspx page (Which we're removing later) loading. I've even deleted the file incase it was defaulting to an existing resource, and with that i just get a plain 404 without the redirect.
Anyone have an idea?
Let me clarify something:
Rewrite module works, it's installed and running. My standard regex rules work nicely. But my rewrite map does not.
This article http://www.iis.net/learn/extensions/url-rewrite-module/using-rewrite-maps-in-url-rewrite-module and code below worked for me.
<rewrite>
<rules>
<rule name="Redirect rule1 for RedirectURLs">
<match url=".*" />
<conditions>
<add input="{RedirectURLs:{REQUEST_URI}}" pattern="(.+)" />
</conditions>
<action type="Redirect" url="{C:1}" appendQueryString="false" />
</rule>
</rules>
<rewriteMaps>
<rewriteMap name="RedirectURLs">
<add key="/privacy.php" value="/privacy" />
</rewriteMap>
</rewriteMaps>
</rewrite>
I was having a similar problem and found this question. It took me a little while, but I was able to figure out what the problem was.
My rewriteMap contained the urls "/Default2.aspx" and "/Dashboard.aspx".
When I would go to Default2.aspx, I would get a 404 rather than get redirected to Dashboard.aspx as expected.
The issue I found was that on my machine, the application was running in a subdirectory. The rewriteMap paths would only work if I used the full path (including the application folder), e.g., "/TestSite/Default2.aspx".
So I could have added duplicate entries in my rewriteMap to account for application directories on developer machines, but that seemed messy. I looked at the other rewrite rules in the application that did not have this issue and I noticed that they were using the {REQUEST_FILENAME} variable, rather than {REQUEST_URI}. So I switched the rule to use {REQUEST_FILENAME} and remove the first slash from the urls in my rewriteMap.
Do you have Url rewriting installed as part of IIS7/7.5? This is not installed by default. Also, make sure your app pool is set to integrated pipline mode, no classic.
Edit
From this:
http://learn.iis.net/page.aspx/469/using-rewrite-maps-in-url-rewrite-module/
This only thing I see that you're doing is adding the 'stopProcessing' attribute. Have you tried removing that?
Previously I had same problem as you described.
Could you update your code to
<match url="(.*)" />
and I hope you aware,
<add input="{Information:{REQUEST_URI}}" pattern="(.+)" />
this condition will capture full URL except the domain.
example on this url:
www.example.com/Information/CorporateSales.aspx
it will check matching condition of
Information/CorporateSales.aspx on rewriteMap
and for sure it wont be match with this url
www.example.com/old/Information/CorporateSales.aspx
Did you reset the app pool and the iis site ?
In some cases it can take up to 72 hours (iirc) to propagate throughout the world.
What's the simplest and most effective way to selectively redirect HTTP requests to your ASP.NET page to its HTTPS equivalent?
For example, if my page site URL is http://www.somesite.com, I want to redirect some (or all) page requests to https://www.somesite.com.
What's the easiest way to do that?
I use this code to do that.
http://www.codeproject.com/KB/web-security/WebPageSecurity_v2.aspx
I like to say, that the only minus is that is not use "Regular expression pattern matching", but it was very easy to add it on the code.
Depending on what version of IIS you are using and whether you have access to it and whether you want to write custom code or configure a product feature.
IIS5, IIS6:
http://weblogs.asp.net/scottgu/archive/2007/02/26/tip-trick-url-rewriting-with-asp-net.aspx
IIS7, IIS7.5:
URL Rewrite:
http://learn.iis.net/page.aspx/460/using-the-url-rewrite-module/
Here's an example of a rule to redirect http://.../checkout.aspx to https:
<rule name="CheckoutToSSL" stopProcessing="true">
<match url="^checkout.aspx*" ignoreCase="true" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
ASP.NET Routing:
http://msdn.microsoft.com/en-us/library/cc668201.aspx
Difference between IIS7,7.5 rewrite and ASP.NET routing
http://learn.iis.net/page.aspx/496/iis-url-rewriting-and-aspnet-routing/