Rewrite Rule Spaces - iis

I created a rewrite rule in IIS because of some Russian spammers but the rule doesn't seem to work correctly because of a space between two parts to search and I was wondering how to overcome this
<rule name="Russian Referral Spam" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_USER_AGENT}" pattern="Windows+2002|Windows+2003|Windows+2004|Windows+2005|Windows+2006|Windows+2007|Windows+2009" />
</conditions>
<action type="Redirect" url="https://stackoverflow.com" redirectType="Permanent" />
</rule>
Before, I never included the spaces between Windows and the fake version:
Windows 2002|Windows 2004...
and that would pickup on anyone with Windows in the useragent and redirect them. With adding the + to the rule even with backslash before it's not affecting the Russian spammers. How do I change the above rule so that it searches for 'Windows 2002|Windows 2004|Windows 2005|Windows 2006... If it was in a URL I could add %20
Here are a few real examples of the Russian Spam User Agents:
Mozilla/7.0 (compatible; MSIE2.00; Windows 2005)
Mozilla/8.0 (compatible; MSIE3.00; Windows 2006)
Mozilla/6.0 (compatible; MSIE7.00; Windows 2008)
Mozilla/4.0 (compatible; MSIE4.00; Windows 2005)
I am not using Apache but IIS so no mod-rewrite rules, please.
Thanks in advance
UPDATE:
On Expert Exchange it says try Windows\ 2006 or Windows\s2006. Will try these but I am waiting for the spammers to return to get the 100% answer but I know within IIS I can test the rules so I will try that also

You were correct. For space in regexp you can use \ or \s. Your rule can be something like that:
<rule name="Russian Referral Spam" enabled="true" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_USER_AGENT}" pattern="Windows\s(2005|2008)" />
</conditions>
<action type="Redirect" url="https://stackoverflow.com" redirectType="Permanent" />
</rule>

Related

IIS web.config redirect subfolder to domain

I have a strange problem with IIS url_rewrite module and web.config setup. I think there is a problem with the matching pattern or I'm doing something completely wrong..
My setup is a ASP.Net MVC app with multi language support. For starters I have three languages enabled, English, German and French.. so you could access them with a language parameter www.domain.com/en/ www.domain.com/de/ www.domain.com/fr/.. now I bought a german domain and setup up the german part of the page to .de domain, so now I have www.domain.com/en/ www.domain.de/de/ www.domain.com/fr/ everything ok so far..
The problem i'm trying to figure out how to add a safe 301 redirect if you write www.domain.com/de/ to www.domain.de/de/ or vice versa www.domain.de/en/ back to www.domain.com/en/ ... the main reason i wan't to solve this its because of SEO to fix the duplicate content issues ..
I have IIS 8.5, url_rewrite module installed and now I'm stuck with this in the in my web.config
<rule name="DE Redirect" stopProcessing="true">
<match url="(.*)" ignoreCase="true" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^www\.domain\.com\/de\/$" />
</conditions>
<action type="Redirect" url="https://www.domain.de/de/{R:0}" redirectType="Permanent" />
</rule>
I want to redirect the user if they enter or get to www.domain.com/de/page1 to www.domain.de/de/page1 and only if there is the www.domain.com/de/ in the url, I won't redirect if they enter to english of french language website.
Any idea what am I doing wrong or what is the best way to debug such redirects.. I have tried with the Failed Request Tracing but didn't found anything helpful.
Any ideas?
Cheers
Because answers cannot contain domain.com, then I will use everywhere example.com and example.de
You should use redirect like that:
<rule name="DE Redirect" stopProcessing="true">
<match url="^de/(.*)" ignoreCase="true" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.example\.com$" />
</conditions>
<action type="Redirect" url="https://www.example.de/de/{R:1}" redirectType="Permanent" />
</rule>
Also if you want to prevent opening the French language on German domain https://www.example.de/fr and redirect it to https://www.example.com/fr then you should also add
<rule name="FR Redirect on DE domain" stopProcessing="true">
<match url="^fr/(.*)" ignoreCase="true" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.example\.de$" />
</conditions>
<action type="Redirect" url="https://www.example.com/fr/{R:1}" redirectType="Permanent" />
</rule>

Change Query String Value in IIS URL Rewrite Rule

I have tried multiple combinations so far but no luck. I have a URL like below.
https://teams.company.com/Search/pages/results.aspx?url=https://teams2017.company.com/sites/hrdepartment
I want to create a rule that will change the query string value from teams2017 to teams only, like below.
https://teams.company.com/Search/pages/results.aspx?url=https://teams.company.com/sites/hrdepartment
I am using IIS 8.5 with IIS Rewrite rule installed.
You rule should be like that:
<rule name="teams2017 to teams" stopProcessing="true">
<match url="^Search/pages/results.aspx$" />
<conditions>
<add input="{QUERY_STRING}" pattern="(.*)teams2017(\.company\.com.*)" />
</conditions>
<action type="Redirect" url="{R:0}?{C:1}teams{C:2}" appendQueryString="false" />
</rule>

IIS HTTP to HTTPS web.config rewrite doesn't return entire URL

So I have been trying to rewrite using the following:
<rules>
<rule name="HttpToHttps" stopProcessing="true"/>
<match url="(.*)"/>
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{URL}"/>
</rule>
<rules>
In two environments, this redirects like it should. In a third environment, it doesn't work. It doesn't work in the sense of, looking at a fiddler log, I see the http call with the full url. When it redirects to https, it removes everything after the HTTP_HOST.
So using the following url:
nonsecure://www.mysite.com/page.aspx?var1=1&var2=2
In two environments, it becomes
secure://www.mysite.com/page.aspx?var1=1&var2=2
In the third it becomes:
secure://www.mysite.com
I tried rewriting it as https://{HTTP_HOST}{HTTP_URL} and that doubled the {URL} in the first two environments:
secure://www.mysite.com/page.aspx?var1=1&var2=2&var1=1&var2=2
I'm not very experienced with web.configs, kinda learning as I go, so if anyone has any input as to what's going on here, it would be greatly appreciated. If it has any bearing on anything, the third environment is on two servers that are load balanced.
Ruslany has several IIS URL Rewrite examples on his blog, HTTP to HTTPS is one of them:
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
See http://ruslany.net/2009/04/10-url-rewriting-tips-and-tricks/ for more.

IIS 7 Canonical URL redirect

I would like to make a website always have www in the address, and enforce it via IIS rewrite.
For example, test.com would become www.test.com.
The typical example rewrite rule is:
<rule name="Canonical Host Name" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^www\.test\.com$" />
</conditions>
<action type="Redirect" url="http://www.test.com/{R:1}" redirectType="Permanent" />
</rule>
However this requires me to enter the full url of my website. It will not work for development and staging environments that have URLs like www.test.dev and www.test.stage.
Is it possible to create an IIS Rewrite rule that will handle all of those cases?
I have another solution for you:
<rule name="Canonical domain name" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^www\.([.a-zA-Z0-9]+)$" />
</conditions>
<action type="Redirect" url="http://www.{HTTP_HOST}/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
You're right that the full URL needs to be in the web.config. You have options though.
You can use a config transform to make the regular expression match the correct environment.
There doesn't seem to be any harm if you include all three URL rewrite rules in your web.config. It sounds like your environments are isolated so each environment would only ever match one of the rules. That can clutter your web.config, but not horribly.
I'd go with option 1. You can find information on config transforms here: http://msdn.microsoft.com/en-us/library/dd465326.aspx
I would also suggest you another variant for testing in local environment:
Add to c:\Windows\System32\drivers\etc\hosts:
127.0.0.1 www.example.com
In IIS Manager select site and right click -> Edit bindings.. -> Add..
Enter host name: www.example.com
Open cmd and run iisreset
Now you are able to use www.example.com in browser which is mapped to localhost

IIS UrlRewrite problem

I've been using the UrlRewrite IIS plugin for about a month on our production site.
I created a single redirect rule using the supplied template/wizard, the resulting config enrty is as follows:
<rewrite>
<rules>
<rule name="CanonicalHostNameRule1" enabled="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.mycompany\.com$" negate="true" />
</conditions>
<action type="Redirect" url="http://www.mycompany.com/{R:1}" />
</rule>
</rules>
</rewrite>
It's been running fine until this morning, when the site started erroring with "too many redirects". As far as I know, nothing in the configuration or infrastructure changed.
I disabled the rule, and the site became functional again (though clearly without any redirecting).
I then re-enabled the rule, and now all is running as expected. I didn't make any changes to the rule other than to temporarily disable it.
Any ideas? Is the plugin buggy?
I'd recommend setting this up:
http://learn.iis.net/page.aspx/467/using-failed-request-tracing-to-trace-rewrite-rules/
This may help you track down the problem if you start getting the "too many directs" error again.
Try this other code, i have on my web and run perfect:
<rule name="Canonical Host Name" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^yourdomain\.com$" />
</conditions>
<action type="Redirect" url="http://www.yourdomain.com/{R:0}" redirectType="Permanent" />
</rule>
The explanation is simple:
Match any URL received to process
The condition is that have anydomaintext.extension (your domain and extension) without prefix
Redirect to same domain with full prefix and put all url.
Other tries was R:1 but quit some of the main url and not run.
The sample from Ruslani:
http://blogs.iis.net/ruslany/archive/2009/04/08/10-url-rewriting-tips-and-tricks.aspx
I tried to use adding www but finally use the sample above.
The fix below worked for me. I discovered my rewrite rule was at out-of-date. The other domain had changed their URL policy and were now redirecting all traffic from otherdomain.com to www.otherdomain.com
<action type="Rewrite" url="http://otherdomain.com/abc/{R:1}" />
to
<action type="Rewrite" url="http://www.otherdomain.com/abc/{R:1}" />
Do you see the difference? By adding the 'www' I preempted the other domain redirection. I basically just complied with their new policy.

Resources