We need to be able to run two versions of one ASP.net web application on the same intranet server and port number, but with one mapped to / and the other mapped to /experimental (not real names, but close enough).
C:\inetpub\wwwroot\Version1 => http://test1.organization.com/
C:\inetpub\wwwroot\Version2 => http://test1.organization.com/experimental
The first URL has already been exposed to some beta users and therefore needs to be kept somewhat stable. The second will contain experimental code that only users going to /experimental will see. We don't have the option of using a different server or a different port.
I've achieved this in the past by having / mapped to a site under Sites in IIS, then adding the second site as an application underneath it, and aliasing it to /site2.
Server
Sites
Default Web Site <= physical path mapped to first version and /
/ Application1 <= nested application mapped to second version and /experimental
However, this seems sloppy. Would it be cleaner to do this with a rewrite rule or with ARR? If so, how?
A combination of ARR and rewrite rules will solve this nicely. Here are the steps to follow:
Download and install ARR http://www.iis.net/download/ApplicationRequestRouting
In IIS Manager, select your machine in the Connections pane, double-click the Application Request Routing feature in the IIS section, click on the "Server Proxy" link in the Actions pane, then check the "Enable proxy" checkbox and choos the Apply action.
Change the bindings of your two existing websites, for instance, bind the Released website to port 81, and the Experimental website to port 82.
Create a new website and app pool, and bind it to http:*:80:. Name it "Default Web Site". Point its physical path to "%SystemDrive%\inetpub\DefaultWebSite"
Create a web.config file for the "Default" website, and write your routing rules there:
<rules>
<rule name="Reverse Proxy for Experimental" stopProcessing="true">
<match url="^.*/experimental/.*" />
<action type="Rewrite" url="http://{HTTP_HOST}:82/{R:0}" />
</rule>
<rule name="Reverse Proxy for Release" stopProcessing="true">
<match url=".*" />
<action type="Rewrite" url="http://{HTTP_HOST}:81/{R:0}" />
</rule>
</rules>
You may have to fiddle somewhat with your rewrite rules, you can experiment using the URL Rewrite Module applet on IIS, and read more about it here: http://learn.iis.net/page.aspx/500/testing-rewrite-rule-patterns/ For further help be sure and browse Ruslan Yakushev's blog: http://ruslany.net/
This will give you three completely separate websites, accessibly through a single facade on port 80 (though of course you can hit each website directly on port 81 and 82 if you need to: http://localhost:81/default.aspx, for example).
Can you run one of the sites at a different subdomain, say test1.organization.com and beta1.organization.com? If so then you can set them both up as top-level websites in IIS and set the Host Name on each Site Binding so they can both run on the same IP address and port.
Related
I am new to ASP.NET Web API and to RESTful services in general. I recently started working in a Web API that was already started by another developer that is no longer in the company, and the approach that he used for making this API was to create a new project for every Resource that the API exposes. My question is, what is the correct way to host this API in IIS? I can create a new Website in IIS manager for each project, but then I will have many sites. Also, for testing purposes I tried creating just one Website in IIS and then adding an Application within the Web Site for each service that have to be deployed, and this also works, the problem is that for each project (resource) a virtual directory is created and then the route to access the Resource includes the virtual directory name and I don’t want this, because then the routes will look like this:
BaseURL/VirtualDirectory /api/resource
I have googled for examples on how to host an ASP.NET Web API in IIS, but all the posts that I have found show how to host a single service project, and not an API that is composed of multiple projects. So, I would really appreciate if someone could point me in the right direction. Thanks in advance.
According to your description , I guess you want the url should now show the vitual directory.
E.g:
VirtualDirectoryName.yourdomain.com/api/resource to www.yourdomain.com/VirtualDirectory/api/resource.
If this is your requirement, I suggest you could try to use url rewrite extension to achieve your reuqirement.
You could dirctly download it from below url:
https://www.iis.net/downloads/microsoft/url-rewrite
Then you could use below rewrtite rule into the web.config.
<rule name="Test" stopProcessing="true">
<match url="(.*)" ignoreCase="true" />
<conditions>
<add input="{HTTP_HOST}" pattern="(.+).sample1.com" />
</conditions>
<action type="Rewrite" url="http://www.sample1.com/{C:1}" />
</rule>
This question already has answers here:
How to force HTTPS using a web.config file
(10 answers)
Closed 7 years ago.
How do I make a website to work only with https? Is there any method to make my website work only if the protocol is https?
For example let me say http://www.mywebsite.com, this should work only with https://www.mywebsite.com, if it's http the website should not be accessible .
Is it possible to make a website work only with https? Is it possible to restrict a website /make a website inaccessible if the website was http?
Sure, assuming you are using IIS to host your site, open IIS Manager and select your web site and then binding on the right:
make sure you only have a binding for https not for http.
This way IIS will only send https traffic to that web site.
Edit: What is the difference between Andre's answer Require SSL and mine?
using Require SSL, when users requesting http:// they will get a:
403 - Forbidden: Access is denied.
When using only an https binding, no connection is made at all and the user eventually gets:
ERR_CONNECTION_TIMED_OUT
It's up to you which option you prefer.
I usually have a catch-all site on all servers that respond to any requests not picked up by real sites and just displays a basic 404 page.
The third option is to actually allow http:// but then redirect to https:// as mentioned in the comments. For that solution you have to install the URL rewrite module and add a redirect rule.
My single binding option is the leanest, but it all depends on how you want you site to handle http:// requests.
Create Rule in your web.config which will force to open in https only as shown below
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
For IIS? Start the IIS Manager, click on your site and double click "SSL Settings" and check "Require SSL".
What I have done using Apache: add redirect from http to https
When I attempt to debug my ASP.NET MVC 5 project I am getting the IIS error "This webpage is not available". Here is the sequence of events that led to this:
The project was originally using SSL and IIS Express and working fine.
I wanted to use Fiddler and saw that Fiddler doesn't (easily) monitor https traffic, so went into the project properties (F4) tab and changed it back to use http.
This is when I started seeing the error "The page can't be displayed". I noticed that even though my ProjectUrl and Start URL in the project properties window was http://localhost:57505, when I debugged, the URL would change to https.
A complication (sorry, I don't remember what it was) prompted me to use Local IIS (IIS 7.5) instead of IIS Express.
I restarted IIS and I decided to get rid of the SSL certificate in IIS but that didn't help.
Because nothing worked I changed the project back to use SSL. Now I am seeing "This webpage is not available" when I debug.
I have rebooted and recycled frequently
I'm not sure what to do next because my project is unusable right now. Any help appreciated.
Did you happen to had an entry in web.config that force a redirection to the HTTPS site?
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="^account/logon$|^account/register$" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
Note that redirectType="Permanent", it will return Permanent Redirect(301) to your browser. This will be cached permanently on your browser so you couldn't access the normal HTTP site even if you've removed this redirection. You will need to manually clear your browser caches to fix it.
If it happens with other projects as well then try to disable windows firewall or any other firewalls on the system and hopefully it should work.
Also try to run the website without fiddler and see if it works.
I had similar problem and it was the firewall causing it.
With HTTPS, you can only have one "web site" per ip_address:port. So https://localhost, https://example.com, it's all the same (modulo certificate errors.)
HTTP, however, allows multiple web sites per ip_address:port pair, via the "HOST" header in the HTTP 1.1 spec. IIS needs to know what site you want, and it defaults to binding the web site to the machine's hostname. (That is probably what is getting you.)
If you just want all requests that resolve to your host (like "localhost") to hit the same web site, edit the site bindings in inetmgr and set "Host Name" to empty string or *.
I recently deployed an Windows Azure application and configured DNS of my domain through DreamHost portal. Now my site is accessible through http://www.coziie.com, but not through non-www address.
I read in one of the articles that I should add an A record in DNS settings and point to virutal IP of Windows Azure. How do I get virutal IP of my Windows Azure deployment?
Or is there any better way to 301 redirect all non-www urls to www?
RESOLVED: I was able to solve this problem by simple configuring a website redirect settings in DreamHost DNS settings. A simple 301 redirect of http://coziie.com to www.coziie.com sorted out the issue.
You are talking about two separate issues here.
The first is to setup a DNS record so that your un-canonised url works. The second is to redirect the url if the site is accessed by it.
update I have removed the previous advice for CNAME from here as I didn't realise before that you cannot set the root domain to a CNAME record. It seems that with the ip restrictions of Azure you will have to point the root domain record at non-azure, asp.net hosting and then put a 301 redirect (such as the one further down my reply) to forward it on to the Azure domain (www domain).
When you have http://coziie.com/ pointing at your site and serving the page its then time to fix this because Google can get confused, think its two different sites and then dilute your page rank between the two.
The trick is to set up a 301 redirect. I believe the url rewriting tool started out as an addon for IIS7 but is now included in it? You might have to do a quick search on that.
Anyway, this is how I do it on an IIS7 server with the official url rewrite extension installed (this goes in your web.config):
<system.webServer>
<rewrite>
<rules>
<clear/>
<rule name="WWW Rewrite" enabled="true">
<match url="(.*)"/>
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^www\."/>
</conditions>
<action type="Redirect" url="http://www.{HTTP_HOST}/{R:0}" appendQueryString="true" redirectType="Permanent"/>
</rule>
</rules>
</rewrite>
</system.webServer>
Intellisense will complain that its not a recognised element but thats just a cosmetic issue while you are editing the file.
The VIP address is easily obtained by either looking at the portal (read deployment details) or by simply pinging your .cloudapp.net address. You can set an A record, but you must be prepared to update that in case you delete your deployment. Once you delete a deployment, the VIP address will be returned to the pool and there is pretty much a guarantee that you will get a new VIP address on the next deploy.
You can maintain your VIP address by using the Upgrade feature as opposed to new deployments. There are some limitations to this, but it works for updates that do not change the Service Definition broadly speaking.
We used to say that the VIP address was not guaranteed even if you did an update, but MS has come back with stronger language about guarantees. See here.
CNAMES are only for subdomains, like sub.example.com or www.example.com, you can't register a CNAME for example.com in other words. If your domain provider supports it you could create a redirect from example.com to www.example.com and then create a CNAME record for www.example.com, the CNAME will match www.example.com against example.cloudapp.net. My domain provider has a web console where I can do this easily, perhaps yours have too?
I have created an asp.net 4.0 project. I want to enable SSL for it. Do I need to map this web project to new website in IIS. When I try to create a new website, I get:
The binding '*:80:' is assigned to another site. If you assign the same binding to this site, you will only be able to start one of the sites. Are you sure that you want to add this duplicate binding?
I am trying to follow the following posts:
http://weblogs.asp.net/scottgu/archive/2007/04/06/tip-trick-enabling-ssl-on-iis7-using-self-signed-certificates.aspx
http://mscrm4humans.wordpress.com/2010/06/24/enabling-ssl-on-iis-7-0-using-self-signed-certificates/
my IIS is 7.5.7600....
I am totally new to SSL in asp.net. Please suggest solution to this issue.
Whilst it is possible to configure host headers to do what you're after, the easy way is to configure your new site with a different IP address.
Add the new IP address to the server, then setup your binding for the new site to the new IP address on port 80 and 443. Set the app pool to run using .NET 4, then for a nice touch you could add a URLRewrite rule to push all non-SSL traffic to HTTPS by sticking this in your web.config:
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
</system.webServer>
Or if you wanted to force SSL then just tick the Force SSL option in IIS for the site.
It sounds like you already have a site setup on port 80. Your IIS probably has a Default Web Site setup. If you're not using that site, you can delete it before you follow the steps in Scott Guthrie's blog post and that should clear up the issue.
If you are using the Default Web Site, change your new site's port to 81 when you create it. You can change the port in the screen shown by the second image in Scott Guthrie's blog post.
If you want to prevent any non-ssl traffic from reaching your new site, you should delete the binding on port 80 (or 81) after you've finished setting everything up.
To use SSL you must:
Have a separate website in IIS
This website must have a separate IP address which will be bound on port 443
You cannot use host headers to host separate websites in IIS and use SSL.
Check this article for more help:
http://learn.iis.net/page.aspx/144/how-to-set-up-ssl-on-iis-7/