I have 2 web sites installed on the same IIS server. I need them both to listen on port 443 with HTTPS. I want them to use different application pools and be able to stop and start one without affecting the other. The clients of these websites are not able to configure the host header that they use in their HTTP requests.
Is there a solution? I have been trying to use IIS Rewrite rules. I have one website deployed on port 443 and the other on some unusual port. I tried setting up a URL rewrite on the first one that did a rewrite (not a redirect) to an absolute URL referencing the 2nd site on the unusual port. This always seems to produce an HTTP 404 response.
I can't do a redirect because the client gets redirected to the unusual port and the client is not allowed to make internet requests to non-standard ports.
I believe I am using IIS 6.2, that's what is says in the Help about in IIS MAnager
What options do I have?
It is not possible to rewrite to different applications in IIS, especially if they are in different application pools. Your only option is redirect if you want to do it simply using URL Rewrite.
Another alternative is to use ARR (Application Request Routing) and then proxy the call to the actual site depending on rules, this has also the advantage that sites could be in different machines or in the same one, and give you more flexibility. Obviously it does come with more complexity.
Related
I have many sites hosted on IIS on same machine. Only for one site, I need to have reverse proxy setup. I have written rewrite rules for this site and forward some request to another site hosted on different machine.
Will enabling proxy on application request routing affect other sites? Will it have an affect the performance of other sites?
Eg: I have following websites(few are wcf services)
localhost/A
localhost/B
localhost/C
localhost/D
Only the website C needs reverse proxy, so I have written rewrite rules for it. How will enabling proxy effect A, B and D sites
Yes you can enable Reverse proxy for one website and ensure that it does not affect the others.
You mentioned that you have 4 websites but in the example, you gave description of "application" and not website. Since its unclear what your architecture looks like, I'll go ahead and give solution to both.
Considering you have a single website and multiple applications within it but you want to enable proxy for just one application, following is what you need to do. Open the URL rewrite section, under pattern, choose regular expression and add ^application_name/(.*) For example, ^c/(.)
But if you have multiple websites and want to reverse proxy just one of them, then open URL Rewrite and add a condition for "HTTP_HOST" and its value. This will ensure that only requests for specific website's hostname will be reverse proxied.
With respect to performance, having URL rewrite on one of the websites will not have any impact on other websites. If you are still unsure and want to play it safe, you can have each website running on separate application pool. That way they have their own w3wp process and are independent of each other.
I essentially have the same issue as desribed here Redirect HTTP to HTTPS in Azure Application Gateway but am trying to solve it a different way.
My back end web application works fine when both http and https are open on the AAG, however when you click on a link generated by the webapp to another page the url sent back to the client is for http not https. Obcviously the proper solution is to make the web app aware it is behind a reverse proxy and generate links accordingly.
In the short term I have been attempting, and failing, to use the IIS url rewrite module to either:
a) Using an inbound rule, rewrite (not redirect) the incoming URLs as https which ought to force the responses to contain https urls (a redirect causes an infitite loop as AAG forwards everything to the back end web servers as http). I'm guessing this is impossible because its essentially creating a secure channel between itself.
b) Using an outbound rule, rewrite the responses so the urls are https instead of http. This is proving to be very difficult as I don't understand what parts of the responses I need to be modifying. I'm hoping this approach is possible though?
For the uninitiated, the answer is to use custom tags in an outbound rule, which match the html elements containing the values that need modifying.
The drawback is of course that it means the web server is having to do a patter match & replace on every single page it serves unless you can use conditions to limit the scope. Still very inefficient compared to fixing the code so it is proxy aware!
I want to move some websites from server 1 to server 2.
My clients have A records pointing to the IP address of server 1. Without updating their DNS records, how can I automatically forward request for those domains from server 1 to server 2?
Thanks
Graham
This image is from an article regarding Exchange, but the IIS settings are relevant.
You can redirect at the HTTP level by specifying a URL redirect in IIS's HTTP Redirect settings:-
However, for this approach to work you will need a new domain for your sites. e.g. if the A record resolves www.example.com to Server 1 you will need to redirect to another URL (e.g. www.example.edu) that already resolves to Server 2.
Another option is to setup a reverse proxy using IIS on Server 1:
Today there was a question in the IIS.net Forums asking how to expose two different Internet sites from another site making them look like if they were subdirectories in the main site.
So for example the goal was to have a site: www.site.com expose a www.site.com/company1 and a www.site.com/company2 and have the content from www.company1.com served for the first one and www.company2.com served in the second one
So slightly different requirements (the article only wants a subdirectory rather than the whole site), but the same concept will apply.
Our company has two sites
www.mysite.com -- Wordpress site
www.mysite.com/portal -- asp.net mvc site
We want to move the wordpress site (www.mysite.com) to Azure and the other site stays local. We need to url stay the same. How can we achieve this?
Since you state that you need the URL to stay the same, this can be achieved through a reverse proxy. You would set up a web server (typically nginx or IIS) answering on www.mysite.com.
This web server would have reverse proxy rules to forward requests for /portal to your on-premises server (in a given, non-public IP and port) and all other requests to another web server running WordPress (on the same server/cluster that runs the reverse proxy, or a separate one), also with a given IP and port.
All user requests, then, would reach the reverse proxy, that would serve them from cache if possible, or forward them to the internal web servers, and send the response back to the user, transparently. Notice that this is an internal operation, not a redirect response.
Although this setup is more complex than the simpler solution of using different subdomains (www.mysite.com for website and portal.mysite.com for application), it comes with certain advantages that are described in the referenced Wikipedia article, such as security and acceleration.
Alternatively you could create separate subdomains as described above, and use a redirect rule to redirect requests for www.mysite.com/portal/x to portal.mysite.com/x. In this case, the user would see the updated URL in their browser, but the old ones would still work.
I am hosting my public facing site at a shared host (Hostgator) with the domain pointing to the same. I also have my application hosted on a dedicated server with a different host. Both servers have their own SSL certificates installed.
Is there any way to edit the .htaccess file to do the following:
https://www.domain.com/CUSTOMER redirects to https://x.x.x.x/CUSTOMER while the browser still shows www.domain.com/CUSTOMER?
I'm vary of using frames due to the SSL ramifications. My domain registrar is Hostway and they do not offer URL masking/forwarding.
This can be done by making your server act as a proxy. Even if you have no access to the servers configuration you might be lucky that apaches proxy module is loaded: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
If so you can 'map' the remote site (IP) as if being served by your normal server.
Also apaches rewriting module can make use of that module by using the [P] flag in a RewriteRule.
Be sure you have a copy of that site on the different server, preverally with the same database, so you don't get in trouble with i.e. order numbers or user logins between http and https. The certificate server must be the web server for your SSL provided web content.
Take a look here foor further informations. "Google Search Result"