I'm having a hard time configuring the balance in IIS via ARR with multiple ports.
The difficulty is in working with different doors than the 80 and 443.
On the same server I have applications on port 80, 443 and 8080. I managed to make it work on port 80 and 443. When I add port 8080 it is redirected to port 443.
The structure is as follows:
IP PUBLIC:80 > IIS ARR > Private IP 1:80, PRIVATE IP 2:80
IP PUBLIC:443 > IIS ARR > Private IP 1:443, PRIVATE IP 2:443
IP PUBLIC:8080 > IIS ARR > Private IP 1:8080, PRIVATE IP 2:8080
The rules I have for url rewrite are:
Name: ARR_Serverfarm_loadbalance
- Match URL
Requested URL: Matches the Pattern
Using: Wildcard
Pattern: *
MArk: Ignore Case
- Action
Action type: Route to Server Farm
Scheme: http://
Server farm: serverfarm
Path: /{R:0}
Mark "Stop processing of subquent rules"
Other rule:
Name: Forward proxy
- Match URL
Requested URL: Does not match the Pattern
Using: Wildcards
Pattern: *
Mark: Ignore case
- Conditions
logical grouping: Match All
{HTTP_HOST} Match the Pattern *
- Action
Action type: Rewrite
Rewrite URL: http://{C:1}/{R:0}
Mark Append query string.
I appreciate the help.
I'll post the rule to make it clearer what I have today.
<rule name="ARR_serverfarm_loadbalance" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Rewrite" url="http://serverfarm/{R:0}" />
</rule>
<rule name="forward proxy" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" negate="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="*" />
</conditions>
<action type="Rewrite" url="http://{C:1}/{R:0}" />
</rule>
</globalRules>
In summary, I couldn't configure port 80, 443 and 8080 on the same destination and ended up creating two different webfarms, one on 80 and 443 and another on 8080 and 8443.
After that as a final solution, I created conditions based on the URL.
Example:
<conditions trackAllCaptures = "true" >
<add input = "{URL}" pattern = "^/app1/( . *)"/>
</conditions>
Related
Situation is that I have 2 backend apps and I need to set up HTTPS access for them. I install IIS 8 with ARR and URL rewrite module on the server. Than I install 2 https certificates and create an empty website with binding on 443 port
with second app https certificate. First app is set upped on 8081 ports and second app on port 80. The problem is that I can access via https only to first app and second app could be accessed via http only. So I am trying to set up reverse proxy, so I could access to the second app via https. I wrote 2 inbound rules in URL rewrite, but I got issue when I try to access to second app it is pointing not to localhost:80 but it pointing to localhost:8081. any suggestions why it happen?
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name="App2" stopProcessing="true">
<match url="^app2/(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Rewrite" url="http://localhost:80/{R:1}" />
</rule>
<rule name="Redirection" stopProcessing="true">
<match url="^app2/(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{SERVER_PORT}" pattern="443" />
</conditions>
<action type="Redirect" url="https://app2/{R:0}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
I am rather struggling here. I've seen lots of answers for 80 to 443, but I'm really stuck with 8880 to 8443 for our control panel.
An example of a URL that needs redirecting: http://udweb01.servers.unreal-designs.co.uk:8880/admin/home?context=home
It should result to this: https://udweb01.servers.unreal-designs.co.uk:8443/admin/home?context=home
Note the http -> https and 8880 -> 8443.
The current rule we have is this:
<rule name="Force SSL (8443)" enabled="true" stopProcessing="true">
<match url="^(http://)?(.*):8880(/.*)?$" />
<action type="Redirect" url="https://{R:2}:8443{R:3}" appendQueryString="true" redirectType="Found" />
</rule>
But that doesn't seem to do anything. Any ideas?
Your rule should be like that:
<rule name="Redirect with port" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(.*):8880$" />
</conditions>
<action type="Redirect" url="https://{C:1}:8443/{R:0}" />
</rule>
In this rule you have condition <add input="{HTTP_HOST}" pattern="^(.*):8880$" /> which will accet only http host with port 8880
To try and make this as short as possible, I have two domains at work.
The first domain is our main domain at www.site1.com (port 80), pointing to a regular set up of a site in IIS 8, Server 2012.
The second domain is at www.site2.com (port 8085), but using some clever URL rewrite wizardry that I found on SO, www.site2.com points to www.site1.com/site2/, but behaves as if it were it's own domain. We did this in order to share assets between site1 and site2 in a .NET environment.
I do not have DNS-level control, but have admin of the server and it's settings and have done all of the URL rewriting for both sites myself. We received a request to install an SSL cert on www.site2.com (port 444) so that we can set the site to HTTPS. This is not relevant to the problem in itself because the problem exists in HTTP already.
The problem came about because another developer wants to be able to test the cert and the port configurations. As of right now, this isn't possible even in HTTP. Typing in www.site1.com:80 on the server works fine, but www.site2.com:8085 does not. site2 only connects properly when appended with www.site2.com:80 or just by typing in www.site2.com, I believe since it is rewritten as a subfolder off of site1.
I have tried everything I could think of in order to try and rewrite the ports in the URL so that the developer is able to test the port configuration by typing in www.site2.com:8085. The URL never resolves.
The bindings are set correctly as well because www.site2.com works fine in both test and production and has for years. It only does not work when the correct port is added to the URL.
This is the only code triggering the rewrite as it stands:
<rule name="www.site2 redirect" enabled="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^(www.)?site2.com$" />
</conditions>
<action type="Rewrite" url="/site2/{R:0}" />
</rule>
Any and all help would be appreciated. Thanks.
You can do that in this way, just add one more condition into your rewrite rule:
<rule name="www.site2 redirect" enabled="true">
<match url=".*" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^(www.)?site2.com$" />
<add input="{HTTP_HOST}" pattern="^(www.)?site2.com:8085$" />
</conditions>
<action type="Rewrite" url="/site2/{R:0}" />
</rule>
Another way to to that with one condition is (remove $ from pattern in condiiton):
<rule name="www.site2 redirect" enabled="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^(www.)?site2.com" />
</conditions>
<action type="Rewrite" url="/site2/{R:0}" />
</rule>
But this rule will capture domains like that as well: site2.com.au, site2.com.fr, site2.com:{ANYPORT} etc. That's why i prefer first rule
Please help me redirecting my URL using IIS rewrite the following:
https://domain.com:8080/Context/services/.*
to
https://domain.com:8443/Context/services/.*
We only have 8080 port open and that's why need redirection for SSL.
But at the same time I don't want any other URLs getting redirected such as
https://domain.com:8080/Context/xyz (or anything except services)/.*
I tried the following but it is not working:
<rule name="HTTPS Request on 8080 Redirect to HTTPS Request on 8443 for Root"
patternSyntax="ECMAScript" stopProcessing="true">
<match url="https(.*)Context/services/.*" />
<conditions>
<add input="{SERVER_PORT}" pattern="8080" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}:8443/{R:0}" />
</rule>
Give this a try:
<rule name="HTTPS Request on 8080 Redirect to HTTPS Request on 8443 for Root"
patternSyntax="ECMAScript" stopProcessing="true">
<match url="^(Context/services/.*)" ignoreCase="true" />
<conditions>
<add input="{SERVER_PORT}" pattern="8080" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}:8443/{R:0}" />
</rule>
If you review the Accessing URL Parts section here, you will notice that the match URL contains everything after the root of the directory it is placed in. For something in the root directory as is your case, it will be everything after the hostname and port without a leading slash /.
I would like to make a website always have www in the address, and enforce it via IIS rewrite.
For example, test.com would become www.test.com.
The typical example rewrite rule is:
<rule name="Canonical Host Name" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^www\.test\.com$" />
</conditions>
<action type="Redirect" url="http://www.test.com/{R:1}" redirectType="Permanent" />
</rule>
However this requires me to enter the full url of my website. It will not work for development and staging environments that have URLs like www.test.dev and www.test.stage.
Is it possible to create an IIS Rewrite rule that will handle all of those cases?
I have another solution for you:
<rule name="Canonical domain name" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^www\.([.a-zA-Z0-9]+)$" />
</conditions>
<action type="Redirect" url="http://www.{HTTP_HOST}/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
You're right that the full URL needs to be in the web.config. You have options though.
You can use a config transform to make the regular expression match the correct environment.
There doesn't seem to be any harm if you include all three URL rewrite rules in your web.config. It sounds like your environments are isolated so each environment would only ever match one of the rules. That can clutter your web.config, but not horribly.
I'd go with option 1. You can find information on config transforms here: http://msdn.microsoft.com/en-us/library/dd465326.aspx
I would also suggest you another variant for testing in local environment:
Add to c:\Windows\System32\drivers\etc\hosts:
127.0.0.1 www.example.com
In IIS Manager select site and right click -> Edit bindings.. -> Add..
Enter host name: www.example.com
Open cmd and run iisreset
Now you are able to use www.example.com in browser which is mapped to localhost