How can I setup web.config to handle the following redirects
http://example.com -> https://example.sub.com
http://www.example.com -> https://example.sub.com
http://example.sub.com -> https://example.sub.com
The part I am not sure about is matching the urls, for example,
http://<dynamic> to http://<dynamic>.sub.com
I would solve this with two rules. One will match when the hostname contains .sub.com and simply perform a plain redirect. The next will append .sub.com to the hostname.
These are based off #4 of https://ruslany.net/2009/04/10-url-rewriting-tips-and-tricks/#redirect-https
Finally, after you've proved that everything works as expected, changed the Found to Permanent in both rules.
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="\.sub\.com$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" />
</rule>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}.sub.com/{R:1}" redirectType="Found" />
</rule>
Related
I have two domains. Both read from the same source. That is, the path of their files on the server is the same with same web.config file. I want both of them to be redirect to the HTTPS path without WWW, regardless of the conditions that are called in the URL. Similar to below
HTTP to HTTPS
WWW to non-WWW
for example.com and example.co
I tried to use the below code:
<rewrite>
<rules>
<rule name="Redirect to HTTPS without www" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="^(www\.)?(.*)$" />
</conditions>
<action type="Redirect" url="https://{C:2}/{R:1}" redirectType="Permanent" />
</rule>
<rule name="Special case for HTTPS with www" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="^ON$" />
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
</conditions>
<action type="Redirect" url="https://{C:2}/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
But this code cannot be considered for both domains com and co. Because it redirects only to the com domain.
Try splitting the two different domain names into two rules, and add the full hostname to your rules, which will trigger your rule for a specific domain only:
<rewrite>
<rules>
<rule name="Redirect example.com to HTTPS without www" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="^(www\.)?example.com$" />
</conditions>
<action type="Redirect" url="https://example.com/{R:1}" redirectType="Permanent" />
</rule>
<rule name="Redirect example.co to HTTPS without www" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="^(www\.)?example.co$" />
</conditions>
<action type="Redirect" url="https://example.co/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
I've seen a lot of answers that come close, like this one: IIS Redirect non-www to www AND http to https but it's does not exactly match my case.
I have a website that has 2 domain aliases on top of its main domain name. Displaying the right content for each version is done in the code itself.
I am trying to use the WEB.CONFIG file to rewrite in 2 cases: when HTTPS is not used and/or when WWW is absent at the beginning of the url.
So http://example.com, https://example.com and http://www.example.com would all be rewritten as https://www.example.com Same thing if the site is visited using one of its domain aliases, for example http://examplealias.com would become https://www.examplealias.com
This answer
<rule name="Force WWW and SSL" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^[^www]" negate="true" />
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://www.example.com/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
will not work for me as I cannot hard code the domain name.
I have tried this
<rule name="Force WWW and SSL" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^[^www]" negate="true" />
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://www.{HTTP_HOST}/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
but this results in https://www.www.example.com if I call http://www.example.com
What would be the right way to combine both conditions?
Okay, apparently in my case, it's better NOT to combine the rules:
<rule name="Redirect naked domains (that do NOT have a custom sub-domain) to www.domain.com" enabled="true" stopProcessing="false">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="^www." negate="true" />
</conditions>
<action type="Redirect" url="http://www.{HTTP_HOST}/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
<rule name="Redirect non-https urls to https" enabled="true" stopProcessing="false">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
This works perfectly.
I need to set up a rule in URL Rewrite on IIS8 to remove the www from all https requests.
Below is what I want to achieve. I do not care if we remove www from all urls.
http://sitename.com/sub -> http://sitename.com/sub
http://www.sitename.com/sub -> http://www.sitename.com/sub
https://sitename.com/sub -> https://sitename.com/sub
https://www.sitename.com/sub -> https://sitename.com/sub
I got it to work with this rule.
<rule name="Remove WWW" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(www\.)(sitename\.com)" />
</conditions>
<action type="Redirect" url="https://{C:2}/{R:1}" />
</rule>
I also added this rule above it to force all requests to https
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
I need to redirect non-www URLs to www URL for both HTTP and HTTPS URLs. I tried following rules in web.config.
<rule name="Redirect to WWW" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="^example.com$" />
</conditions>
<action type="Redirect" url="http://www.example.com/{R:0}" redirectType="Permanent" />
</rule>
<rule name="Redirect to WWW https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="^example.com$" />
</conditions>
<action type="Redirect" url="https://www.example.com/{R:0}" redirectType="Permanent" />
</rule>
It works perfectly for non-ssl URL but in case of SSL it redirect from https://example.com to http://www.example.com.
For a safer rule that works for both Match Any and Match All situations, you can use the Rewrite Map solution. It’s a perfectly good solution with the only drawback being the ever so slight extra effort to set it up since you need to create a rewrite map before you create the rule. In other words, if you choose to use this as your sole method of handling the protocol, you’ll be safe.
You can create a Rewrite Map called MapProtocol, you can use {MapProtocol:{HTTPS}} for the protocol within any rule action.
<rewrite>
<rules>
<rule name="Redirect to www" stopProcessing="true">
<match url="(.*)" />
<conditions trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^example.com$" />
</conditions>
<action type="Redirect"
url="{MapProtocol:{HTTPS}}://www.example.com/{R:1}" />
</rule>
</rules>
<rewriteMaps>
<rewriteMap name="MapProtocol">
<add key="on" value="https" />
<add key="off" value="http" />
</rewriteMap>
</rewriteMaps>
</rewrite>
Reference
Other answers here are unnecessary long, here's the rule i use (just copy and paste) :
<rule name="ensurewww" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{CACHE_URL}" pattern="^(.+)://(?!www)(.*)" />
</conditions>
<action type="Redirect" url="{C:1}://www.{C:2}" redirectType="Permanent" />
</rule>
This will redirect to the www version while preserving the HTTP and HTTPS protocol
Hope this helps.
Since 2018, consider to use everytime https (SSL) !
So I use redirect to www and to https together.
<rule name="Redirect to www" stopProcessing="true">
<match url="(.*)" />
<conditions trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^example.com$" />
</conditions>
<action type="Redirect" url="https://www.example.com/{R:1}" redirectType="Permanent" />
</rule>
<rule name="HTTP/S to HTTPS Redirect" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{SERVER_PORT_SECURE}" pattern="^0$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
</rule>
more info here :
https://forums.realmacsoftware.com/t/effective-july-2018-google-s-chrome-browser-will-mark-non-https-sites-as-not-secure/18597
I know this is an old post but it's not fully answered. I ended up extending Satpals answer
First rule catches http + www and second one catches non-www
For some reason i could not use MapProtocol in the fist Rule but it works with https written directly into the url.
<rewrite>
<rules>
<rule name="Special case www & HTTPS off" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^www\.example\.com$" />
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://www.example.com/{R:1}" redirectType="SeeOther" />
</rule>
<rule name="Redirect to www & HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^example\.com$" />
</conditions>
<action type="Redirect" url="{MapProtocol:{HTTPS}}://www.example.com/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
<rewriteMaps>
<rewriteMap name="MapProtocol">
<add key="on" value="https" />
<add key="off" value="http" />
</rewriteMap>
</rewriteMaps>
</rewrite>
This worked fine for me:-
<rewrite>
<rules>
<rule name="Redirect to WWW" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="^myExample.in$" />
</conditions>
<action type="Redirect" url="https://www.myExample.in/{R:0}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
This post is basically for those who need to redirect non-www to www URL in windows hosting.
In web.config file as below code:
<system.webServer>
<rewrite>
<rules>
<rule name=”Redirect example.com to www.example.com HTTP” patternSyntax=”ECMAScript” stopProcessing=”true”>
<match url=”.*” />
<conditions>
<add input=”{HTTP_HOST}” pattern=”^example.com$” />
<add input=”{HTTPS}” pattern=”off” />
</conditions>
<action type=”Redirect” url=”http://www.example.com/{R:0}” redirectType=”Permanent” appendQueryString=”true”/>
</rule>
<rule name=”Redirect example.com to www.example.com HTTPS” patternSyntax=”ECMAScript” stopProcessing=”true”>
<match url=”.*” />
<conditions>
<add input=”{HTTP_HOST}” pattern=”^example.com$” />
<add input=”{HTTPS}” pattern=”on” />
</conditions>
<action type=”Redirect” url=”https://www.example.com/{R:0}” redirectType=”Permanent” appendQueryString=”true”/>
</rule>
</rules>
</rewrite>
</system.webServer>
In the above code please note there are two rules used one for HTTP and another for HTTPS. To avoid clashing of HTTP and HTTPS in the same rule, here used two separate patterns.
I hope it works for you guys…!!
Follow the Step Below
Login to your website's cPanel
Click on Hosting Setting
Select your preferred domain as www.example.com
I'm trying to turn off HTTPS when someone hits the root of my site...
I want
https://www.domain.com/
to redirect to
http://www.domain.com/
but I also want..
https://www.domain.com/secure.aspx
or any other named page not to redirect.
Here's what I have so far but I can't get it to work. I tried a thousand ways, and read all the IIS documentation and examples on this, but I can't come up with the magic formula.
<rule name="Redirect Root Only to Non HTTP" stopProcessing="true">
<match url="\.com/$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://www.domain.com" appendQueryString="false" redirectType="Found" />
</rule>
I think this is your answer:
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{URL}" pattern="^.*\.aspx$" ignoreCase="true" />
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
<rule name="Redirect to HTTP" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{URL}" pattern="^$" />
<add input="{HTTPS}" pattern="^ON$" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/" redirectType="Permanent" />
</rule>
You were close .. except the actual pattern (which matches URL path part only and not domain name). The proper pattern is ^$ which means empty string which will ONLY match domain root hit e.g. https://www.domain.com/.
The full rule will be:
<rule name="Redirect Root to HTTP" stopProcessing="true">
<match url="^$"/>
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="on"/>
</conditions>
<action type="Redirect" url="http://www.domain.com/" redirectType="Permanent"/>
</rule>