I setup IIS to redirect non https traffic to https by using the rewrite wizzard in IIS. I followed the steps outlined here: https://www.namecheap.com/support/knowledgebase/article.aspx/9953/38/iis-redirect-http-to-https.
Now I'm wanting to add a condition to say if the {server_port} = 80.
I added a new condition:
Condition Input: {Server_Port}
Check if input string: matches the pattern
pattern: 80
Under conditions : Logical Grouping: match all
I then saved the rule and restarted IIS.
I'm still getting all traffic to my site redirected to https which tosses Error code: SSL_ERROR_RX_RECORD_TOO_LONG since https:// www.mysite.com:83 does not compute.
How do I write the condition to redirect only if the server port is 80?
Please be aware that I have not written my redirect in the web.config and am asking because most of the examples I've found discuss web.config. I did find a web config example that should work, but I can't figure out how to use the rewrite tool to implement this:
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
<add input="{SERVER_PORT}" pattern="XXXX" negate="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
I found simple mistake in your rule condition is <add input="{SERVER_PORT}" pattern="XXXX" negate="true" /> negate="true" means it does not match pattern and it rediect to the https. to impemnet your requiremnet you could use bwlow rule:
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" />
<add input="{SERVER_PORT}" pattern="80" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" />
</rule>
Related
IIS 10 server behind an AWS application load balancer will not redirect traffic for domain without www when client requests http rather than https. The rule to redirect traffic when www is specified works fine, but 404 is returned if you try the same url without www.
So:
Enter "http://dname.com/blog" = 404
Enter "http://www.dname.com/blog" = redirect to "https://www.dname.com/blog"
<rule name="Force HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_X_Forwarded_Proto}" pattern="^https$" negate="true" />
<add input="{HTTP_HOST}" pattern="^dname\.com$" />
</conditions>
<action type="Rewrite" url="https://www.dname.com{REQUEST_URI}" />
</rule>
<rule name="Force WWW HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_X_Forwarded_Proto}" pattern="^https$" negate="true" />
<add input="{HTTP_HOST}" pattern="^www\.dname\.com$" />
</conditions>
<action type="Redirect" url="https://www.dname.com{REQUEST_URI}" />
</rule>
Nothing worked for me even after going through the answers provided on different forums.
After 2 days of banging my head in this here's what I found which solved the issue :
Bindings : Port 80 must be enabled (This can be added in bindings section in IIS).
SSL settings : Required SSL must be unchecked.
Add Rule :
<rewrite>
<rules>
<rule name="http to https redirection" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}"
appendQueryString="false" />
</rule>
</rules>
</rewrite>
Verify web config as it should reflect the rule added in IIS.
I don't know why the previously posted rules wouldn't work, but I was able to create a refined rule that is working:
<rule name="Force HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_X_Forwarded_Proto}" pattern="^https$" negate="true" />
<add input="{HTTP_HOST}" pattern="^(www\.)?dname\.com$" />
</conditions>
<action type="Redirect" url="https://www.dname.com{REQUEST_URI}" />
</rule>
The above rule combines the two rules instead of looking for the domain without the www and then with the www in a separate rule. The regex (www\.) tells the rule to look for "www." and the question mark tells it that it may or may not be there, so that includes the domain with and without the www.
There is a very very important step that should take care, before setup a redirect configure.
in web Sites project --> Actions(in the right) --> Bindings , the content will like below:
Binding Content
You take carefully the yellow color part, the yellow part is your original web IP address. This original IP address must exist in "Site Bindings", without the yellow part the URL redirect will not working anymore.
The following config is my current IIS URL redirect setting:
<rewrite>
<globalRules>
<rule name="Http redirect to Https" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="localhost:8080" /> <-- the Red one should match above Site Bindings original IP address
</conditions>
<action type="Redirect" url="https://Your-Host-Name/{R:1}" redirectType="SeeOther" />
</rule>
</globalRules>
</rewrite>
I wrote a http to https rewrite rule in IIS.
I want to exclude a http://XXX.XX.XXX.XX (one single IP address) from this.
Then I want to write another rule that rewrites those http://XXX.XX.XXX.XX and https://XXX.XX.XXX.XX to https://www.foo.com (my domain which I have ssl certificate for).
Here both rules:
<rule name="http to https redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{REQUEST_URI}" pattern="^/XXX.XX.XXX.XX$" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
<rule name="Redirect to my site">
<match url="XXX.XXX.XXX.XX" />
<conditions>
<add input="{QUERY_STRING}" pattern="XXX.XXX.XXX.XX" />
</conditions>
<action type="Rewrite" url="https:www.foo.com" />
</rule>
It does not work with the excluded pattern and I wonder if the second rule applies at all. Any advise is wellcome.
I'm trying to force HTTP to HTTPS on an Azure Web Site using a web.config URL rewrite rule. I'd like a rule which encompases both of the following scenarios:
HTTP: //site.domain.com/sitefolder to HTTPS: //site.domain.com/sitefolder
HTTP: //site.domain.com/sitefolder/default.aspx to HTTPS: //site.domain.com/sitefolder/default.aspx
If I follow this guide I can force HTTP to HTTPS but the URL changes to HTTPS: //site.domain.com without the /sitefolder or /sitefolder/default.aspx appended.
This is what I've got at the moment. HTTPS is forced, but the full URL is not included:
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="Off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
This is the simple rule that makes correct redirect to HTTPS on Azure WebSites:
<rule name="Redirect to https">
<match url="(.*)"/>
<conditions>
<add input="{HTTPS}" pattern="Off"/>
<add input="{REQUEST_METHOD}" pattern="^get$|^head$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}"/>
</rule>
You can test it here: http://double.azurewebsites.net (take the note on the HTTP in the link) I don't have any other rules defined here. The rule above correctly redirects to deep links, i.e. http://double.azurewebsites.net/Home/About
I am trying to force the use of http on all pages of our site with the exception of a checkout page. I have used the rewrite rule below but it doesn't work with the www sub-domain in the url.
If I use https://domain.com it successfully redirects to http://www.domain.com but if I try https with www nothing happens. Please note that there is also a canonical domain name redirect in place but this issue still happens without this rule.
<rule name="No-https" enabled="true" stopProcessing="true">
<match url=".*" negate="false" />
<action type="Redirect" url="http://{HTTP_HOST}{REQUEST_URI}" />
<conditions>
<add input="{HTTPS}" pattern="on" />
<add input="{URL}" pattern="CheckOut" negate="true" />
</conditions>
</rule>
This has been driving me nuts all morning, I'm hoping someone with more experience of IIS rewrites can give me some help.
Spent a few hours on a similar issue. In my case I'm redirecting traffic from http to https and I want to do the same where sub domains are in use, e.g. http://subdomain.mydomain.com rewrites to https://subdomain.mydomain.com. It seems that for IIS 7.5 at least you need to add a http binding in IIS for each specific subdomain or it will not be picked up by the catch all matching below.
<rewrite>
<rules>
<clear />
<rule name="Redirect to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
For local dev testing, I need to catch all requests to www.somedomain.com/XXX (where X is the path), and send them on to localhost/somevdir/XXX.
I've added this to my HOSTS file (c:\windows\system32\drivers\etc):
127.0.0.1 www.mydomain.com
Then, in IIS8 (Windows 8), I've added a binding to my "Default Web Site" for the host www.mydomain.com. This works, I can now browse www.mydomain.com/test.html and see a test html page. My virtual dir is inside the Default web site. I then add a URL Rewrite URL to the web site for the last bit:
<rewrite>
<rules>
<rule name="mydomain.com" stopProcessing="true">
<match url="^www.mydomain.com/(.*)" />
<action type="Rewrite" url="localhost/MyVDir/{R:1}" logRewrittenUrl="true" />
</rule>
</rules>
</rewrite>
But - that doesn't work. I get a 404 so it looks the the match never happens. I've tried redirect and rewrite, and I've tried without the ^ in the regex and a few other regex tweaks. Can someone explain what I've done wrong?
I think the following should work:
<rule name="mydomain.com" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="^(mydomain\.com|www\.mydomain\.com)$" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<action type="Redirect" url="http://localhost/MyVDir/{R:1}" redirectType="Temporary" />
</rule>
The match on any URL makes sure the conditions are checked, and the HTTP_HOST server variable seems the most reliable way of checking the requested hostname. You could remove the REQUEST_FILENAME input condition, but it works as quite a nice sanity check to make sure static files are always served.
The following is better for catching both www. and non-www. versions of the domain so that you don't have to write the domain twice, which could possibly cause errors with being twice as likely to write a typo. (The parenthesis with the ? character means optional in regex terms.)
<rule name="mydomain.com" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="^(www.)?mydomain\.com$" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<action type="Redirect" url="http://localhost/MyVDir/{R:1}" redirectType="Temporary" />
</rule>