I have the following rules, but when I access https://myserver/myapp/sparoute/1 I get a 403 instead of the index.html
I got this config at root of myapp:
<system.webServer>
<rewrite>
<rules>
<rule name="Reverse Proxy to API" stopProcessing="true">
<match url="api/(.*)" />
<conditions>
<add input="{CACHE_URL}" pattern="^(https?)://" />
</conditions>
<action type="Rewrite" url="https://internalserver/myapp/{R:0}" />
</rule>
<rule name="Reverse Proxy to Signalr" stopProcessing="true">
<match url="messagehub(.*)" />
<conditions>
<add input="{CACHE_URL}" pattern="^(https?)://" />
</conditions>
<action type="Rewrite" url="https://internalserver/myapp/{R:0}" />
</rule>
<rule name="Handle History Mode for SPA (myapp)" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="/" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
The first two rules are working, but instead of returning the default index.html when rewriting to / i get a 403. Any ideas?
The rewrite url is relative to website. so the last action should be
<action type="Rewrite" url="/myapp" />
Related
How can we combine these two rules for IIS?
"mod_rewrite" - redirects all requests to the PHP script to index.php
The second is a classic redirect from http to https
But the trouble is that either one or the other works, the two rules do not work together, tell me how to combine them?
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<defaultDocument>
<files>
<clear />
<add value="index.php" />
</files>
</defaultDocument>
<rewrite>
<rules>
<rule name="Silex Front Controller" enabled="true" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
</conditions>
<action type="Rewrite" url="index.php" appendQueryString="true" />
</rule>
<rule name="http-to-https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
You could implement both of the rule at same time. you just need to change the order of the rule. place the https redirect rule at first:
<rule name="http-to-https" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" />
</rule>
<rule name="Silex Front Controller" enabled="true" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
</conditions>
<action type="Rewrite" url="index.php" appendQueryString="true" />
</rule>
I have a little question about SSL. I have a website that we have purchased SSL and made some rewright rules in web.config. But the problem is, sometimes we can not redirect to https version. When we type the domain with https, it work perfectly, but when we delete https, we can not redirect to secure version of the site. Here is our web.config file (for privacy, I have hanged our site name as example.com);
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to www" enabled="false" stopProcessing="true">
<match url="(.*)" />
<conditions trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^example.COM$" />
</conditions>
<action type="Redirect" url="{MapProtocol:{HTTPS}}://www.example.com/{R:1}" />
</rule>
<rule name="AngularJS Routes" enabled="true" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="/" logRewrittenUrl="false" />
</rule>
<rule name="Redirect HTTP to HTTPS" enabled="false" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{HTTP_URL}" appendQueryString="false" redirectType="SeeOther" />
</rule>
<rule name="Force non-WWW and SSL" enabled="true" stopProcessing="true">
<match url="(.*)" negate="true" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://example.com/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
What can we do more to be sure that every time we will be redicting to secure version (https) of the link?
Did you use one of these Apache, IIS,Tomcat,Nginx? You have to set let http redirect to https.
In a Azure portal app, I configured traffic to redirect to https but https://www won't redirect to https://
Redirection from http://, http://www both work correctly.
Those are rules I have in web.config in azure app.
<system.webServer>
<rewrite>
<rules>
<rule name="HTTPS" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
<rule name="NonWwwRedirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.example\.com$" />
</conditions>
<action type="Redirect" url="https://example.com/{R:1}" redirectType="Permanent" />
</rule>
<!--To always remove trailing slash from the URL-->
<rule name="Remove trailing slash" stopProcessing="true">
<match url="(.*)/$" />
<action type="Redirect" redirectType="Permanent" url="{R:1}" />
</rule>
<rule name="AngularJS Routes" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(api)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(signalr)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(token)" negate="true" />
</conditions>
<action type="Rewrite" url="/" />
</rule>
</rules>
</rewrite>
How can I achieve the needed redirect?
The problem was with DNS records. A record with host www was pointed to different IP. Changed it to same IP as # host, that solved the problem
How about:
<rewrite>
<rules>
<rule name="Redirect www OR non-https to https://" enabled="true" stopProcessing="true">
<match url=".*" ignoreCase="true" />
<conditions logicalGrouping="MatchAny>
<add input="{HTTP_HOST}" pattern="^www\.(.*)$" />
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{C:1}/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
You could refer to the code as below:
<rule name="NonWwwRedirect" stopProcessing="true">
<match url=".*"/>
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.(.*)$" />
</conditions>
<action type="Redirect" url="https://example.com/{R:0}" redirectType="Permanent" />
</rule>
Note: Make sure the example.com hostname you have assigned to Site, so that you could reach it successfully.
Whats the best way to achieve the above? I do know that it can be achieved at HttpModule level. Is it possible just via web.config(easier and faster to code execute).
It's easy to do this with the URL rewrite module through the web.config :
<rewrite>
<rules>
<clear />
<rule name="Redirect naked domains to www.domain.com" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" negate="true" pattern="^www\." />
<add input="{REQUEST_URI}" negate="true" pattern="^noredirect/forthis/page\.aspx$" />
<add input="{REQUEST_URI}" negate="true" pattern="^noredirect/forthis/page-as-well\.aspx$" />
<add input="{REQUEST_URI}" negate="true" pattern="^noredirect/forthis/page-as-well-too\.aspx$" />
</conditions>
<action type="Redirect" url="http://www.{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
Or if you really only have a single page that doesn't need to be redirected, it can be even shortened to:
<rewrite>
<rules>
<clear />
<rule name="Redirect naked domains to www.domain.com" stopProcessing="true">
<match url="^noredirect/forthis/page\.aspx$" negate="true" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" negate="true" pattern="^www\." />
</conditions>
<action type="Redirect" url="http://www.{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
I have the following situation with url rewrite rules which are getting conflicted with each other:
Rule 1: I need to redirect my domain to https
Rule 2: I need to redirect www.mydomain.com --> https://mydomain.com
Rule 3: I need both www.mydomain.com and mydomain.com to redirect to https://mydomain.com/myfolder, but if I have mydomain.com/mysecondfolder should only redirct to https://mydomain.com/mysecondfolder
what I was able to achieve is everything but redirecting www.mydomain.com to https://mydomain.com (just because it is being conflicted with another rules, if alone it is working).
My rules are:
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
<rule name="redirect to myfolder" enabled="true">
<match url="^$" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<action type="Rewrite" url="/myfolder" />
</rule>
I was able to solve this using the below rules:
<rewrite>
<rules>
<rule name="Canonical Host Name" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^myapp\.com$" />
</conditions>
<action type="Redirect" url="http://myapp.com/{R:1}" redirectType="Permanent" />
</rule>
<rule name="HTTP to HTTPS redirect" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
<rule name="redirect to items" enabled="false">
<match url="^$" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<action type="Rewrite" url="/items" />
</rule>
</rules>
</rewrite>