I host an angular frontend inside an Azure App Service on Linux. Stack is Node 12.
In order to enable the response headers "Cache-Control" for the static files I have added the line
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="3.00:00:00" />
inside the Web.config file as suggested in the microsoft documentation here
The Web.config file looks like this:
<configuration>
<system.webServer>
<handlers>
<clear />
<add
name="StaticFile"
path="*" verb="*"
modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule"
resourceType="Either"
requireAccess="Read" />
</handlers>
<staticContent>
<mimeMap fileExtension=".json" mimeType="application/json" />
<mimeMap fileExtension=".*" mimeType="application/octet-stream" />
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="3.00:00:00" />
</staticContent>
<rewrite>
<rules>
<rule name="redirect all requests" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" pattern="" ignoreCase="false" />
</conditions>
<action type="Rewrite" url="index.html" appendQueryString="true" />
</rule>
</rules>
</rewrite>
</system.webServer>
Unfortunately the headers are not set correctly. Is there something wrong with the Web.config file? Does the Azure App Service on Linux have to do something with it?
The web.config file is only for IIS configuration system, but IIS is not for Linux.
So you could not set the cache-control header in web.config file.
If you have entity instance for Linux, you could use Apache .htaccess file:
<IfModule mod_headers.c>
Header set Cache-Control "no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires 0
</IfModule>
If you don't have entity instance for Linux, you could set the header in code:
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // HTTP 1.0.
response.setHeader("Expires", "0"); // Proxies.
I have tried using .htaccess file on Azure, but it did not work as Azure is a PaaS, which did not include a entity instance.
Related
So my domain url does not start with www as I use abc and whenever I follow any instructions on how to setup iis for a http to https redirect it does not seem to work for my domain structure so I am curious if there is a seperate approach for this. In particular I followed this approach:
https://www.namecheap.com/support/knowledgebase/article.aspx/9595/33/http-to-https-redirection-on-iis/
And it works for my server name called directly http://servername will redirect to https://servername but for my assigned domain name http://abc.mydomain.com will not redirect and I get a 403 forbidden error.
Any ideas?
*Edit
If I go into IIS manager and for my site uncheck require ssl the redirect now works. Does requiring ssl not allow the redirect to happen since its expecting only https request hence you shouldnt check this item if you plan to do a redirect?
My web config is as follows:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\website.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
</system.webServer>
</location>
<system.webServer>
<rewrite>
<rules>
<rule name="Http to Https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
In azure app services you are able to redirect HTTP traffic to HTTPS either via the web.config file or through the custom domains blade in azure portal. Is it possible to disable HTTP completely without doing a redirect?
Here is a way to achieve this:
Go to Kudu console for the Web App
Go into the D:\home\site folder
Create a file called applicationhost.xdt in that folder, with the following content (you can drag/drop it from your local machine):
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<location path="%XDT_SITENAME%" xdt:Transform="InsertIfMissing" xdt:Locator="Match(path)">
<system.webServer xdt:Transform="InsertIfMissing">
<rewrite xdt:Transform="InsertIfMissing">
<rules xdt:Transform="InsertIfMissing">
<rule name="Disable HTTP" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
<add input="{WARMUP_REQUEST}" pattern="1" negate="true" />
</conditions>
<action type="CustomResponse" statusCode="401" />
</rule>
</rules>
</rewrite>
</system.webServer>
</location>
</configuration>
This will make http requests fail with 401 (you can customize the response in the <action> tag).
I have an application hosted on IIS with an SSL certificate.
with standard ASP I could configure rewrite in web.config for automatically redirecting to the SSL version.
But how can I do it in core?
I want that when someone opens a link over HTTP they will be automatically redirected to HTTPS.
Many thank in advance!
You still may (and should) use web.config
As soon as IIS deals with SSL - your app (Kestrel) receives "clean" HTTP, so it's too late to check for SSL connection in your code. You need to configure IIS to redirect from http to https.
I use this web.config (works in Azure):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
<rewrite>
<rules>
<clear />
<rule name="Redirect to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
In Asp.Net 2.1 and above, in your startup.cs simply add the following in the app Configure method:
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
// other app configure code here
app.UseHttpsRedirection();
}
I'm building a simple PHP web service using Azure Web Sites and I'm having trouble getting it to support PUT and DELETE http methods. Assuming it's something that'll have to go into the web.config file - I've tried a few options from around the interwebs but non of them seem to function properly. Any ideas?
Here's the web.config file as it currently stands:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<handlers>
</handlers>
<security>
</security>
<directoryBrowse enabled="false" />
<caching>
<profiles>
<add extension=".php" policy="DontCache" kernelCachePolicy="DontCache" />
<add extension=".html" policy="CacheForTimePeriod" kernelCachePolicy="CacheForTimePeriod" duration="14:00:00" />
</profiles>
</caching>
<rewrite>
<rules>
<rule name="block favicon" stopProcessing="true">
<match url="favicon\.ico" />
<action type="CustomResponse" statusCode="404" subStatusCode="1"
statusReason="The requested file favicon.ico was not found"
statusDescription="The requested file favicon.ico was not found" />
</rule>
<rule name="Cols Rule" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
<add input="{URL}" pattern="^/favicon.ico$" ignoreCase="false" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
</conditions>
<action type="Rewrite" url="index.php?q={R:1}" appendQueryString="true" />
</rule>
</rules>
</rewrite>
<defaultDocument>
<files>
<remove value="index.php" />
<add value="index.php" />
</files>
</defaultDocument>
</system.webServer>
</configuration>
I do not see that you have handler added into your web.config. I haven't personally tested but someone suggested that PUT and DELETE should work with Windows Azure Website however you would need to configure them correctly on your Windows Azure Websites through web.config.
Following is the simple configuration you can use to set it up:
<configuration>
<system.webServer>
<handlers>
<remove name="PHP53_via_FastCGI" />
<add name="PHP53_via_FastCGI" path="*.php"
verb="GET, PUT, POST, HEAD, DELETE"
modules="FastCgiModule"
scriptProcessor="D:\Program Files (x86)\PHP\v5.3\php-cgi.exe"
resourceType="Either" requireAccess="Script" />
</handlers>
</system.webServer>
</configuration>
It didn't work with DELETE as the last option, and here's the code modified for PHP54 on Azure. But thanks to Avkash!
<handlers>
<remove name="PHP54_via_FastCGI" />
<add name="PHP54_via_FastCGI" path="*.php"
verb="GET, PUT, POST, DELETE, HEAD"
modules="FastCgiModule"
scriptProcessor="D:\Program Files (x86)\PHP\v5.4\php-cgi.exe"
resourceType="Either" requireAccess="Script" />
</handlers>
I have a URL rewrite in my web.config. The rewrite directives are intended to do two things:
If the URL refers to an actual file (such as a css file or image) don't rewrite
If the URL does not refer to an actual file, rewrite to index.php?request={R:1}
Case 2 works perfectly. However, if the requested file exists, I get a generic IIS response indicating an error: HTTP Error 500.50 - URL Rewrite Module Error. - and no other details. The error codes just indicate a generic rewrite module error.
What have I done wrong? This is IIS 10.0
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Do not rewrite existing files and folders" enabled="true" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" />
</conditions>
<action type="None" url="{R:0}" appendQueryString="true" logRewrittenUrl="true" />
</rule>
<rule name="Framework Parsing" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Rewrite" url="index.php?request={R:1}" logRewrittenUrl="true" />
</rule>
</rules>
</rewrite>
<caching>
<profiles>
<remove extension=".php" />
</profiles>
</caching>
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By" />
<add name="Access-Control-Allow-Origin" value="*" />
<add name="X-Content-Type-Options" value="nosniff" />
<add name="X-Xss-Protection" value="1; mode=block" />
<add name="X-Frame-Options" value="SAMEORIGIN" />
<add name="Referrer-Policy" value="origin" />
</customHeaders>
</httpProtocol>
<!-- staticContent>
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="8.00:00:00" setEtag="true" />
</staticContent -->
</system.webServer>
</configuration>
This is the error page details:
Module RewriteModule
Notification BeginRequest
Handler StaticFile
Error Code 0x80070005
Requested URL XXXXXXXXX/css/foundation/foundation.min.css
Physical Path XXXXXXXXX\public\css\foundation\foundation.min.css
Logon Method Not yet determined
Logon User Not yet determined
I notice that its login method and user is not determined.
Please try to enable anonymous authentication for your rewrite rule. And ensure IUSR have permission to access these files.