I have a website on azure, and I am trying to make some user-friendly urls to my websites use.
I have downloaded IIS remote manager, and did as it was explained here.
Although the article is since 2008, the GUI of the remote IIS manager is still almost the same.
after defining the rewrite map, and the rule that looks inside the map, this is the web.config that was generated:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<outboundRules>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
<rewriteMaps>
<rewriteMap name="StaticRewrites">
<add key="/niceurlpart" value="/Menu/master/#/Menu?Token=7926983e-c64e-4547-85f5-d85e3c06c7a8" />
</rewriteMap>
</rewriteMaps>
<rules>
<rule name="Rewrite rule1 for StaticRewrites" patternSyntax="ExactMatch">
<match url=".*" />
<conditions>
<add input="{StaticRewrites:{REQUEST_URI}}" pattern="(.+)" />
</conditions>
<action type="Rewrite" url="{C:1}" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
when I enter inside the address bar: mydomain.com/niceurlpart I get:
"The resource you are looking for has been removed, had its name changed, or is temporarily unavailable."
Also, when I try to test the pattern inside the remote IIS manager, it fails..
am I missing something?
Not sure on the syntax of doing this in web.config, but the # part of a URL doesn't reach the server, so using that in your rule won't work.
If you are using angular type app and are using # for routing, then try using HTML5 mode which will get rid of the hash.
If your are after SEO, you can google '_escaped_fragment_' to get the hash value to your server. Also if SEO is your goal then we use _escaped_fragment_, along with this tool https://prerender.io
Related
I added a new application to IIS and added a web.config file to rewrite:
https://mylocaldomain.com/ogc?a=2&b=3&c=3...
to
https://myactualdomain.com/ogc?a=2&b=3&c=3...
But http://myactualdomain.com requires Basic authentication requests.
So that my Web.config is like following:
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="wms" stopProcessing="true">
<match url="^ogc?(.*)" />
<action type="Rewrite" url="http://myactualdomain.com/ogc?(.*)" />
<serverVariables>
<set name="HTTP_Authorization" value="Basic abcdefgasdas" />
</serverVariables>
</rule>
</rules>
<outboundRules>
<clear />
<rule name="wms">
<match serverVariable="RESPONSE_Access_Control_Allow_Origin" pattern=".*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true">
<add input="{HTTP_ORIGIN}" pattern="(.*)" />
</conditions>
<action type="Rewrite" value="{C:0}" />
</rule>
</outboundRules>
</rewrite>
</system.webServer>
</configuration>
This settigns returns error:
500 - Internal server error.
There is a problem with the resource you are looking for, and it cannot be displayed.
If I remove following lines, there is no error but a username and password popup appearing.
<serverVariables>
<set name="HTTP_Authorization" value="Basic abcdefgasdas" />
</serverVariables>
If I set any kind of serverVariables, 500 error occured. How can I solve this issue?
By default, the distributed rewrite rules (i.e. the rules that are defined for specific sites or web applications) cannot set or change any IIS server variable, unless the server variable is added to the "Allowed" list.
Select the "View Server Variables..." action from the "Actions" pane:
Use the "Add..." action to add the server variables HTTP_COOKIE and ORIGINAL_URI to the "Allowed Server Variables" list:
If the problem still exists, please use FRT to see the cause of this 500 error.
I have the following rules in IIS.
<rules>
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://localhost:3000/{R:1}" />
</rule>
</rules>
My web application internally calls another domain www.anotherdomain.com/somepage. My problem is while it redirects, it changes the url to www.mycurrentdomain.com/somepage which obviously results in a 404 page. Can some one please help me to write the correct rule.
Note - the redirect is happening from the application code res.redirect('www.anotherdomain.com/somepage')
We need to handle outbound rules to apply the URL rewrite rule rather than use inbound rules. Here is an example of stopping the internally call redirecting to outside domain(https://www.bing.com). You can change it according to your actual needs.
<system.webServer>
<rewrite>
<outboundRules>
<rule name="MyLocationRule" preCondition="IsRedirection">
<match serverVariable="RESPONSE_Location" pattern="https://www.bing.com/" />
<action type="Rewrite" value="http://{HTTP_HOST}/webform2.aspx" />
</rule>
<preConditions>
<preCondition name="IsRedirection">
<!--301,302 Url redirection http status code.-->
<add input="{RESPONSE_STATUS}" pattern="3\d\d" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
</system.webServer>
Feel free to let me know if the problem still exists.
I have one windows service which is running some application with REST endpoint on localhost:5001/api/...
So I installed IIS 10 with rewrite module to create reverse proxy for HTTPS to that service. That worked great.
Now I want to use the same IIS site for hosting a website, which should consume that service on same url.
So I tried to change the pattern of my iis rewrite url to 'api/(.*)' so it should just proxy the /api requests. Testing the pattern is exactly what I want to: Browsing server.domain/api/function matches and the rewrite is done and server.domain is not rewritten.
But now browsing server.domain will often return 'HTTP Error 500.52 - URL Rewrite Module Error'.
Sometimes loading the page works great. But after reload I will get that error again.
My web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1" enabled="true">
<match filterByTags="A, Form, Img" pattern="^http(s)?://localhost:5001/(.*)" />
<action type="Rewrite" value="https://server.domain/{R:2}" />
</rule>
<rule name="ReverseProxyOutboundRule2" preCondition="ResponseIsHtml1" enabled="true">
<match filterByTags="A, Form, Img" pattern="^http(s)?://localhost:5001/(.*)" />
<action type="Rewrite" value="https://server.domain/{R:2}" />
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
<rules>
<rule name="ReverseProxyInboundRule1" enabled="true" stopProcessing="true">
<match url="api/(.*)" />
<action type="Rewrite" url="http://localhost:5001/{R:0}" logRewrittenUrl="true" />
</rule>
</rules>
</rewrite>
<security>
<requestFiltering allowDoubleEscaping="true" />
</security>
<httpErrors errorMode="Detailed" />
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="POST, GET, OPTIONS, DELETE, PUT" />
<add name="Access-Control-Max-Age" value="1000" />
<add name="Access-Control-Allow-Headers" value="x-requested-with, Content-Type, origin, authorization, accept, client-security-token" />
</customHeaders>
</httpProtocol>
<urlCompression doDynamicCompression="false" />
</system.webServer>
</configuration>
I have no idea why there are two outboundRules. IIS created them automatically when I decided to create reverse proxy rules.
If I disable static content compression, all will work without problems.
Dynamic compression module is not installed.
So I have multiple questions:
- why do I get the "Rewrite URL" error for pages which should not be rewritten and the rewritten ones will work without any problem
- why static compression creates rewrite url errors
- how should I configure my IIS to do compression and work with rewriting (I checked the module order and the static compression module is above the rewrite module).
Best,
Robin
Did you create reverse proxy rule by using URL rewrite rule template? If so, you might enable outbound rules. These outbound rules are mainly used when a client can't access source file behind DMZ server. If you client are able to access the domain on backend server, then you don't need these outbound rule.
The reason for IIS return 500.52 error is IIS can't apply outbound rule for a encoded response body from backend server.
So you have to either disable httpcompression or rewrite the incoming accept-encoding header.
I'm afraid it is unavailable to make httpcompression and outbound rule work side by side because rewrite module can't rewrite a compressed entity.
https://learn.microsoft.com/zh-cn/archive/blogs/friis/iis-with-url-rewrite-as-a-reverse-proxy-part-2-dealing-with-500-52-status-codes
I have pretty much the same problem as mentioned in this question
SSO ADFS redirection issue with reverse proxy with ARR. However, I have tried the solution without success. The 302 from ADFS still goes to the private site instead of public.
I have also tried using wreply to explicitly define the public endpoint. I checked using browser Debug Tool and I can see that the ADFS request has the correct wreply value, however, redirection from ADFS is ignoring this.
I have verified the RP identifier in ADFS and it is correct.
Everything works fine in local environment when I host both the proxy and application in a single server and use the same ADFS endpoint for SSO.
The redirection from ADFS also works fine when I use idpinitiated sigon to login to the application.
Where could I be going wrong?
ARR changes the base URL after authentication happens. You need to restore the ADFS Base URL. I made it working using below ARR Rules.
You can use ADFS Rule mentioned in below rule set
<rewrite>
<rules>
<clear />
<rule name="ApplicationRule" stopProcessing="true">
<match url="^dnApplication/?(.*)" />
<action type="Rewrite" url="https://application.cloud.azurewebsites.net/dnApplication/{R:1}" logRewrittenUrl="true" appendQueryString="true" />
</rule>
<rule name="AdfsRule" stopProcessing="true">
<match url="^.*adfs/?(.*)" />
<action type="Redirect" url="https://gfs.private.companyName.com/adfs/{R:1}" logRewrittenUrl="true" />
</rule>
</rules>
<outboundRules>
<rule name="RedirectToHomeDNS" preCondition="3xx Redirect">
<match serverVariable="RESPONSE_LOCATION" pattern="^https://application-dv1.azurewebsites.net/" />
<action type="Rewrite" value="{HTTP_URL}" />
</rule>
<preConditions>
<preCondition name="3xx Redirect">
<add input="{RESPONSE_STATUS}" pattern="3[0-9][0-9]" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
I am building a nodejs api that is hosted by iis. It works perfectly over (using port 5000) http. However, when trying to use the https connection if fails(ssl are installed). I either get a connection failed message or a refused message.
<handlers accessPolicy="Read, Execute, Script" />
<rewrite>
<rules>
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://localhost:5000/{R:1}" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
</rule>
<rule name="ReverseProxyInboundRule2" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://api.mysite.com:5000/{R:1}" />
</rule>
</rules>
<outboundRules>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
Seems like IIS is refusing the connection. any help is appreciated.
According to your url rewrite rule, I found all your https request will match the ReverseProxyInboundRule2 and rewrite to "http://api.mysite.com:5000". I suggest you could firstly check you could access the "http://api.mysite.com:5000".
I guess there is something wrong with this url. It seems you doesn't bind the domain in the IIS binding configuration.
I suggest you could try to open the IIS web application binding to add the domain for the http://api.mysite.com.