Moving a domain - iis-7

Hi I am hoping for some advice.
I have just managed to get a .co domain so I wish to point all requests from my .co.nz domain to the .co
I am running IIS7.5
I have created a services site e.g. services.mydomain.co.nz and the website mydomain.co.nz both are running on their own website and app pool.
At the moment I don't want to break any of the web services so I want to keep the services site as services.mydomain.co.nz but I want to automatically redirect website users to the .co domain instead of .co.nz
So far I have added a new host header in IIS and this allows me to hit the website using the .co domain but I can still hit the site using .co.nz
Do I need to create a url rewrite function to help with this?

You can use http redirection in IIS to direct all requests at the old domain to exactly the same path at the new domain.
You want to choose options as I have in this photo:
Include the full base url to the new site, ending at the slash after the domain name. then leave the other options as I have them; this way, any request at the old domain will be sent a 301 "permanent" code to redirect to the new, equivalent page on the new site.
Note that it's important that you do not check the first of those checkboxes under 'Redirect Behavior'; that will make it send all requests to the home page of your site, rather than to the same path url.
This should be on a separate IIS site, by the way.

Related

How to create a http page on a https website?

I have a website hosted on Azure and SSL-enabled. I have a silly question:
Everything can still be accessed without https (e.g. "http://www.teacherspet.net.au"). How do I force everything except for the home page (which doesn't need login) to go https?
In other words, when people type in "http://www.teacherspet.net.au", it is redirected to "https://www.teacherspet.net.au".

How To Prevent Cookies From Being Created Under Different Hosts

I've run into a problem and I'm not sure how to go about fixing it. Here is the scenario.
A user visits my website (www.MyWebSite.com) and clicks on a button that puts a cookie on their computer. If I examined that cookie on their machine it would list the "host" as www.MyWebSite.com.
If the user then changes the URL in their browser to MyWebSite.com (without the www) reloads the page and then clicks on the button, a brand new cookie with the same name as the first cookie is created. The host of this cookie is MywebSite.com
Obviously this is not good - beside two cookies with the same name, only the cookie with the corresponding URL address is being read by my program.
Can I force cookies to be created with the www host and/or can I force the page to be www or what??? What and how is the best way to prevent this problem?
Cookie Creation using VB.net
Response.Cookies("AAA")("bbb") = strABC
Response.Cookies("AAA").Expires = DateTime.Now.AddDays(1)
Any help is greatly appreciated.
For (obvious) security reasons you can only read cookies that are set by the same domain the user requests. It doesn't matter if it is just a difference like in your example, or an entirely different domainname.
What you could do in this situation (it should improve your SEO as well), is redirect (301) all traffic from the site without www to the site with www.
If you're using IIS 7 or higher, you can find an example on how to do that with URL Rewrite here: http://weblogs.asp.net/owscott/archive/2009/11/27/iis-url-rewrite-rewriting-non-www-to-www.aspx
That's for security reasons. Any subdomain of a host is considered to be another realm, another world.
If you want your cookies to be sent to your subdomains too, then start the Host attribute of the cookie with a .. In other words, set your cookie for .MyWebSite.Com.
See Wikipedia for more information.

Preserving POST data and redirect to another domain

I have two domains innosia.com and sorainnosia.com, the innosia.com is an old domain that I wish whoever visit it got redirect to sorainnosia.com including the POST data that they are posting to. Because currently there is an old windows application that POST data to the old domain that I cannot modify at client side, and wish the data to be POST to new domain instead only by doing changing to innosia.com without modifying client side windows application.
I find out that HTTP status 301 that redirect to another domain will not preserve the POST data. I search on google and stackoverflow but can't find any answer. My web is built using ASP.NET MVC 3.0, anyone has any solution?
Thanks
Some HTTP clients just can't properly handle 301 redirection of their POST requests.
You could however change the old DNS record to point to the new server, or deploy a simple proxy (like Apache) on the old URL to forward the request behind the scenes to the new server.

how to create sub-domains

i am going to create some sub-domains on my website.
when i create a sub-domain i must define a directory that sub-domain will refer to newly created sub-domain. but i want a different solution.
i want to detect when a user enters a URL , which sub-domain is used and then do some operation for each special sub-domain.
for example if website user entered a.mysite.com
i extract "a" sub-domain from URL and then without redirecting webpage i load some data in page.
please help me how i do these,on both web-server and localhost?
In general your application doesn't care about the host name, so you have to configure your IIS to handle all requests.
Production only: Create a wildcard DNS record for your domain (e.g. *.domain.tld)
Your IIS site should have no explicit bindings, so that ALL incoming requests hit this application (other sites should still work fine!).
After this you can check the HttpContext.Current.Request.Url and extract the requested subdomain.

Deploying web application: How to make just one page secure (https)

I am a new to web deployment and I am deployed a website for testing on IIS, the website is non secure (http) site but one page should be secure (https).
Can anyone suggest me how I can achieve it and it should not warn the user while switching between 'http' and 'https'.
SSL or Secure Socket Layer would be bound to a website through bindings. That is, you can tell IIS to redirect the incoming request traffics to a website, when for example the requested URL would be like http://domain.com/ or https://doamin.com, or http://200.202.150.200:8080/ or stuff like that.
Therefore, it's not a matter of IIS to set HTTPS only for one page. It's rather how to manage your URLs while redirecting user. In other words, it's a navigational matter.
I havent used IIS but I did this recently with Apache.
I did the following:
Set up a redirect for the page that you wish to secure so it redirects to HTTPS.
Set up a redirect for every other page to redirect from HTTPS to HTTP
Ensured static files such as images css and js are not affected by the above rules (These files need to work on both HTTP and HTTPS
If you need this commercially, I would recommend to use Helicon tool to redirect that particular page to HTTPS.
Using Helicon tool you can redirect the HTTP request to HTTPS for any specific page or whole site by writing the Rules.
In IIS 7 there is way to define new rules in "URL Rewrite" section for a particular web site. By this you can define a regular expiration and based on that you can redirect any pages which matches the expression to the page which you want. Lets say you are going to redirect http:\x.com\sample.aspx to https:\x.com\sample.aspx. For this do the following steps:
select your website on IIS
click URL Rewrite
Add Rule(s)
Select Blank rule
Then define your pattern in this case : lets say ^sample(any page start with sample). you can define any expression as you like.
in Action section select Redirect in Action type dropdown
in Redirect URL put https:\x.com\sample.aspx
save it and restart your website
you can then add any other rules as you want o match your request
And also in some other complex scenarios you can write your own scripts here

Resources