i have +10 domains on one solution, and about half of them have had an SSL certificate attached. I seem to have trouble creating ONE rule to make the correct ones being forced onto https.
I can to a rule for each of them, but feel this should have worked:
<rule name="HTTP to HTTPS redirect 1" patternSyntax="ECMAScript" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www.domainNo1.dk$" />
<add input="{HTTP_HOST}" pattern="^www.domainNo2.dk$" />
<add input="{HTTP_HOST}" pattern="^www.domainNo3.dk$" />
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
</rule>
this leaving the domain4, domain5, etc. alone.
Unfortunately it does not kick in when I have more than one domain in the rule. I'm guessing it is the logical grouping that is probably default:
logicalGrouping="MatchAll"
But setting:
logicalGrouping="MatchAny"
will make the sites not work at all. After the redirect to https it continues to redirect the pages, resulting in "ERR_TOO_MANY_REDIRECTS".
I would have thought this was handled by
<add input="{HTTPS}" pattern="off" />
But no.
Hope anyone can help.
You could use below rewrite rule to match multiple domains:
<rule name="http to https with multiple domain name" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="www.sample1.com|www.sample3.com" />
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
</rule>
Related
Windows Server 2012
I have 1 IIS container with 4 different URLs for one domain and 2 domains in total as below (set with the bindings)
www.site1.com
site1.com
www.site1.co.uk
site1.co.uk
www.site2.com
site2.com
www.site2.co.uk
site2.co.uk
www.site1.com - is the primary domain, meaning any combination of the URLs above must take the user to www.site1.com or www.site2.com
I have the below rule which takes these sites to the primary URL
<rule name="PrimarySite" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="site1.co.uk" />
<add input="{HTTP_HOST}" pattern="www.site1.co.uk" />
<add input="{HTTP_HOST}" pattern="site1.com" />
</conditions>
<action type="Redirect" url="http://www.site1.com/{R:0}" />
</rule>
I now would like the same but for HTTPs so added a new rule (just for site 1 but i would do the same for site 2).
<rule name="site1HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions trackAllCaptures="true" logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="site1.co.uk" />
<add input="{HTTP_HOST}" pattern="www.site1.co.uk" />
<add input="{HTTP_HOST}" pattern="site1.com" />
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{C:1}{REQUEST_URI}" appendQueryString="false" redirectType="Permanent"/>
</rule>
When i add this i receive a redirecting loop error and have tried different combinations but it just doesnt seem to work.
What have i missed off (I have to rules in total)?
Use MatchAny for 3 {HTTP_HOST} and {HTTPS} will mess up the redirection logic.
You can combine 3 conditions into one so that {HTTP_HOST} and {HTTPS} can be used with "MatchAll" side by side.
<rule name="test">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="(site1|site2)\.(com|co.uk)" />
<add input="{HTTPS}" pattern="^off$" />
</conditions>
<action type="Rewrite" url="https://{HTTP_HOST}{REQUEST_URI}" />
Best regards,
Sam
I want to create a rule using IIS URL-Rewrite module. I want to redirect all pages from www.mydomain.com to mydomain.com
However, there are some pages on teh site that I do not like to have redirection. Those pages are
www.mydomain.com/mail/default.asp
www.mydomain.com/mail2/default.aspx
So here is my code so far
<rule name="Force non-WWW" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
<add input="{REQUEST_URI}" pattern="^/mail/(.*)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/mail2/(.*)" negate="true" />
</conditions>
<action type="Redirect" url="https://{C:2}/{R:1}" />
</rule>
However, if I enable this rule and I go to www.mydomain.com/page, I got 500 error.
What is wrong with my code?
Just add condition <add input="{REQUEST_URI}" pattern="/some-url/(.*)" negate="true" />.You could use below rule:
<rule name="Force non-WWW" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_URI}" pattern="/mail/(.*)" negate="true" />
<add input="{HTTP_HOST}" pattern="(www\.)(.*)$" />
</conditions>
<action type="Redirect" url="http://{C:2}/{R:1}" appendQueryString="true" />
</rule>
Regards,
Jalpa.
Hi I want to redirect our non www site with https:// schema to https://www. site.
I used below code
<rule name="Force HTTPS nonwww" enabled="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
<add input="{HTTP_HOST}" negate="true" pattern="^www\.([.a-zA-Z0-9-]+)$" />
</conditions>
<action type="Redirect" url="https://www.{HTTP_HOST}{REQUEST_URI}" appendQueryString="true" redirectType="Permanent" />
</rule>
<rule name="Force HTTPS" enabled="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="true" redirectType="Permanent" />
</rule>
It works fine when I hit our site with http:// but when I hit our site with https:// it throws 404 error.
Basically when we hit http: or https: to our site it should redirect to https://www.example.com.
I tested the above rule in IIS 7 and it tested successfully with both http:// and https:// but somehow it does not work with https://
Your help will be appreciated.
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
This is saying 'dont do this for an incoming https request'.
Since both your rules have it set you never redirect https requests.
You need to be careful in general, you don't want to get into a infinite loop redirecting https://x => https://x, so you second rule should be left as-is
You can safely however change your first rule from:
<conditions>
<add input="{HTTPS}" pattern="off" />
<add input="{HTTP_HOST}" negate="true" pattern="^www\.([.a-zA-Z0-9-]+)$" />
</conditions>
to
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^www\.([.a-zA-Z0-9-]+)$" />
</conditions>
We were able to resolved this issue. Since it was throwing invalid host error, it was not able to find the site name . Hence we created redirect site and using httpredirect, redirects it back to our https://www.example.com site.
This worked for us.
Thanks all for your help.
I'm trying to write a URL rewrite rule to force a HTTPS connection. This should always happen except when a request is using localhost (e.g. http://localhost/mysite).
The rule is configured as following:
<rule name="Redirect to https" enabled="true" stopProcessing="true">
<match url="(.*)" negate="false" />
<conditions trackAllCaptures="false">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{URL}" pattern="localhost" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
</rule>
I also tried to use ^localhost and ^localhost/(.*) as a pattern for the URL condition with no help.
Does anyone have an idea why this does not work and what a solution for this problem should be?
Your code should look like this instead
<rule name="Redirect to https" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="off" />
<add input="{HTTP_HOST}" pattern="localhost" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
</rule>
We are using URL Rewrite module to force the login sectoin of our website over https while keeping all the other section on http. These are the two rules that we have added
<rule name="Others Force HTTP" enabled="true" stopProcessing="true">
<match url="(((.*)/LogOn)|((.*)/Content(.*))|((.*)/Images(.*))|((.*)/Scripts(.*)))" negate="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="^ON$" />
</conditions>
<action type="Redirect" url="http://{SERVER_NAME}{REQUEST_URI}" redirectType="Permanent" />
</rule>
<rule name="Force on SSL" enabled="true" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{REQUEST_URI}" pattern="^/users/account/LogOn(\?.*)*$" />
</conditions>
<action type="Redirect" url="https://{SERVER_NAME}{PATH_INFO}" redirectType="Permanent" />
</rule>
However with these rules Internet Explorer shows the prompt that some of the content was not delivered over secured connection whereas Google chrome does not fetch any of the stylesheet, images etc.
Fiddler shows that the web server is redirecting all requests to /Content /Images etc. over HTTP which the IIS server shouldn't do as per the first rule.
We are at our wits ends trying to resolve this problem. Some help would be greatly appreciated.
Nikhil,
Ignoring the HTTPS to http redirection rule "Others Force HTTP" for images and stylesheets would solve this, you can rewrite your condition like this
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="^ON$" />
<add input="{REQUEST_URI}" pattern="^/Content*" negate="true" />
</conditions>
Note: You can remove the url matching condition for the contents folder
Hope this helps.