My re-write rule is
<rewrite>
<rules>
<rule name="rewrite cookie - inbound" enabled="true">
<match url=".*" />
<conditions trackAllCaptures="true">
<add input="HTTP_COOKIE" pattern="(.*)__srf_tk_(.*)" />
</conditions>
<serverVariables>
<set name="HTTP_COOKIE" value="{C:1}__validation_token__{C:2}" />
</serverVariables>
<action type="None" />
</rule>
</rules>
</rewrite>
If the name of the cookie in the inbound request starts with srf_tk_ then replace it with __validation_token
the above rule doesn't work. Can someone help me debug this ?
Figured out what the issue was
replace line
<add input="HTTP_COOKIE" pattern="(.*)__srf_tk_(.*)" />
with
<add input="{HTTP_COOKIE}" pattern="(.*)__srf_tk_(.*)" />
Related
I have added a Rule to prevent referer spam in my web.config. but i want to allow only localhost and block all other referers in the same. Here is what i am trying but it is not working.
enter code here
<system.webServer>
<rewrite>
<rules>
<rule name="abort referer spam requests" stopProcessing="false">
<match url="^localhost:49363$" />
<conditions>
<add input="{HTTP_REFERER}" pattern="^localhost:49363$" />
</conditions>
<action type="AbortRequest" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Please try this rule.
This rule will just allow null reference or localhost and block request referenced from other domain.
<rule name="abort rule" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_REFERER}" pattern="(^$|localhost)" negate="true" />
</conditions>
<action type="AbortRequest" />
</rule>
I have a Windows server available at website.com, and I have another server with a WordPress on it.
How can I configure IIS to route website.com/blog to my WordPress?
I tried to use virtual directories, but I can only send my user to the same server.
According to your description, I suggest you could consider using ARR reverse proxy to achieve your requirement.
I suggest you could install the ARR by using this link and this link.
Then I suggest you could try to use below url rewrite rule.
<rule name="ReverseProxyInboundRule2" stopProcessing="true">
<match url="/blog/(.*)" />
<action type="Rewrite" url="http://ec2 ubuntu address/{R:1}" />
</rule>
Thank you,it worked but I had to add more code to my web.config.
My web.config:
<rewrite>
<rules>
<clear />
<rule name="Route the requests for Company1" enabled="true" patternSyntax="ECMAScript" stopProcessing="false">
<match url="(.*)" />
<conditions>
<add input="{CACHE_URL}" pattern="^(https?)://" />
</conditions>
<action type="Rewrite" url="https://blog.raczum.com/{R:0}" />
<serverVariables>
<set name="HTTP_ACCEPT_ENCODING" value="" />
</serverVariables>
</rule>
<rule name="Route the subfolder blog" enabled="false" patternSyntax="Wildcard" stopProcessing="false">
<match url="https://raczum.com/blog/*" />
<conditions>
<add input="{CACHE_URL}" pattern="^(https?)://" />
</conditions>
<action type="Rewrite" url="https://blog.raczum.com/{R:1}" />
<serverVariables>
<set name="HTTP_ACCEPT_ENCODING" value="" />
</serverVariables>
</rule> </rules>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="false">
<match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^http(s)?://blog.raczum.com/(.*)" />
<action type="Rewrite" value="/blog/{R:2}" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false" />
</rule>
<rule name="RewriteRelativePaths" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="false">
<match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^http(s)?://blog.raczum.com/(.*)$" negate="false" />
<action type="Rewrite" value="/blog/{R:2}" />
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1" patternSyntax="Wildcard">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="*" />
</preCondition>
<preCondition name="ResponseIsHtml2">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
I am using the Rewrite tool for ASP.NET to redirect from http to hpps. I want to reroute to
https://services.net/ExitInterview/home/about
But currently it is routing to
https://services.net/home/about
Below is my redirect rule:
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}"
redirectType="Permanent" />
</rule>`
Can I mix the "HTTP_HOST" text with hard-coded text in the rule string? Or is there another way?
I don't want to hard code the url because it changes with local, staging, and production.
<rule name="HTTP to HTTPS redirect" ="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/ExitInterview/{R:1}"
redirectType="Permanent" />
</rule>
Give this a try
This should do what you want in terms of redirecting to HTTPS from HTTP in a web.config file:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<httpRuntime executionTimeout="180" />
</system.web>
<system.webServer>
<httpErrors errorMode="Detailed" existingResponse="PassThrough" />
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
I use this exact snippet for a webserver that enforces HTTPS redirection, but that also seems to be pretty close to what you have. Are you sure you have configured the structure of the web.config file correctly? - I remember running into issues when I would leave out something.
I want to redirect my old url
"http://staging.TempSite.com/about-us/Institute-+target/%20"
to new url ""http://staging.TempSite.com/about-us/news-events""
<rule name="rule59" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false">
<add input="{HTTP_HOST}{REQUEST_URI}" pattern="staging.TempSite.com/about-us/Institute-\+target/\s*" />
</conditions>
<action type="Redirect" url="./about-us/news-events" />
i also tried followoing patterns.
pattern="staging.TempSite.com/about-us/Institute-\+target/\s*$"
pattern="staging.TempSite.com/about-us/Institute-\+target/ $"
#Wiktor Stribiżew comment is almost correct, but it will not work. If you have + in your URL, you need to enable allowDoubleEscaping in your config. Example of config:
<system.webServer>
<security>
<requestFiltering allowDoubleEscaping="true"/>
</security>
<rewrite>
<rules>
<rule name="rule59" stopProcessing="true">
<match url="^about-us/Institute\-\+target/\s*$" />
<action type="Redirect" url="/about-us/news-events" />
</rule>
</rules>
</rewrite>
</system.webServer>
Using IIS ARR I have a reverse proxy to a WP blog hosted elsewhere on a Linux server.
These are the proxy rules:
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/blog/{R:1}" redirectType="Permanent" />
</rule>
<rule name="Reverse proxy to blog" stopProcessing="true">
<match url="^(.*)" />
<serverVariables>
<set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
<set name="HTTP_ACCEPT_ENCODING" value="" />
</serverVariables>
<action type="Rewrite" url="http://111.22.33.444/blog/{R:1}" />
</rule>
</rules>
<outboundRules>
<rule name="Add application prefix" preCondition="IsHTML" stopProcessing="true">
<match filterByTags="A, Form, Img, Link, Script" pattern="^http://111.22.33.444/blog/(.*)" />
<action type="Rewrite" value="https://www.example.com/blog/{R:1}" />
</rule>
<rule name="RestoreAcceptEncoding" preCondition="NeedsRestoringAcceptEncoding">
<match serverVariable="HTTP_ACCEPT_ENCODING" pattern="^(.*)" />
<action type="Rewrite" value="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" />
</rule>
<preConditions>
<preCondition name="NeedsRestoringAcceptEncoding">
<add input="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" pattern=".+" />
</preCondition>
<preCondition name="IsHTML">
<add input="{HTTP_HOST}" pattern="111.22.33.444" />
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
<add input="{URL}" negate="true" pattern="wp-admin/" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
"wp-admin/" has been excluded from the IsHTML pre-condition as this was causing redirect loops in some areas of the admin.
The plugin Jetpack has been installed but this is failing to connect to Wordpress.com. Wordpress.com shows the error "There was an error retrieving your site settings." Looking at the errors in Plesk where the blog is actually hosted we see the URL below failed with a 400 bad request.
blog/?rest_route=%2Fjetpack.................
If this URL is called manually in a web browser, it gives the message "The request is not signed correctly".
Can anyone offer any advise on resolving this bad request issue please?