I'm trying to figure out a url rewrite rule to rewrite http requests into https only when a specific path is accessed like below. I've tried quite a few things that in the test pattern seem as though they should work but it never does.
url accessed: http://example.com/books/test.css
I need to check for the http:// and /books/ to form the proper url below.
url needed: https://example.com/books/test.css
A request of http://example.com/book/test.css should be ignored.
You can specify the patten in the <match> element :
<rule name="Force HTTPS for /books/" enabled="true">
<match url="^/books/.*$" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" redirectType="Permanent"
url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="true" />
</rule>
or by adding a new <condition>
<rule name="Force HTTPS for /books/" enabled="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
<add input="{REQUEST_URI}" pattern="^/books/.*$" />
</conditions>
<action type="Redirect" redirectType="Permanent"
url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="true" />
</rule>
Related
I've seen a lot of answers that come close, like this one: IIS Redirect non-www to www AND http to https but it's does not exactly match my case.
I have a website that has 2 domain aliases on top of its main domain name. Displaying the right content for each version is done in the code itself.
I am trying to use the WEB.CONFIG file to rewrite in 2 cases: when HTTPS is not used and/or when WWW is absent at the beginning of the url.
So http://example.com, https://example.com and http://www.example.com would all be rewritten as https://www.example.com Same thing if the site is visited using one of its domain aliases, for example http://examplealias.com would become https://www.examplealias.com
This answer
<rule name="Force WWW and SSL" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^[^www]" negate="true" />
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://www.example.com/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
will not work for me as I cannot hard code the domain name.
I have tried this
<rule name="Force WWW and SSL" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^[^www]" negate="true" />
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://www.{HTTP_HOST}/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
but this results in https://www.www.example.com if I call http://www.example.com
What would be the right way to combine both conditions?
Okay, apparently in my case, it's better NOT to combine the rules:
<rule name="Redirect naked domains (that do NOT have a custom sub-domain) to www.domain.com" enabled="true" stopProcessing="false">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="^www." negate="true" />
</conditions>
<action type="Redirect" url="http://www.{HTTP_HOST}/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
<rule name="Redirect non-https urls to https" enabled="true" stopProcessing="false">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
This works perfectly.
I am using IIS url rewrite rule to redirect from an IP Address to a domain name with the following rule.
<rule name="IPHit" enabled="true" stopProcessing="false">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="10.32.1.132" />
</conditions>
<action type="Redirect" url="https://daart-qa.sandbox.aimsplatform.com/eds-daas/{R:1}" redirectType="Permanent" appendQueryString="true" />
</rule>
Unfortunately, this results in an infinite loop redirect when I go to https://daart-qa.sandbox.aimsplatform.com/eds-daas.
How can I redirect from the IP address without having an infinite loop on dns entry?
Your rule will redirect 10.32.1.132/eds-daas to https://daart-qa.sandbox.aimsplatform.com/eds-daas/eds-daas. Is that expected behavior?
May I know your only face this infinite loop when you access specific URL or all requests hitted by IP address. What loop URL did you see in web browser developer tool?
Post the symtptom of loop URL would help us find the root cause.
Or you need to redirect request 10.32.1.132/eds-daas to https://daart-qa.sandbox.aimsplatform.com/eds-daas? If so you may need two rules side by side.
<rule name="IPHit" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="10.32.1.132" />
<add input="{REQUEST_URI}" pattern="^/eds-daas(.*)" negate="true" />
</conditions>
<action type="Redirect" url="https://daart-qa.sandbox.aimsplatform.com/eds-daas/{R:1}" redirectType="Permanent" appendQueryString="true" />
</rule>
<rule name="IP-HIT2" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="10.32.1.132" />
<add input="{REQUEST_URI}" pattern="^/eds-daas(.*)" />
</conditions>
<action type="Redirect" url="https://daart-qa.sandbox.aimsplatform.com/eds-daas{C:1}" />
</rule>
I have a website that is served in two languages. I have a domain name for each language, e.g. www.englishsite.com and www.frenchsite.com
The application knows to change languages based on adding this URL parameter:
TemplateCulture=en-CA or TemplateCulture=fr-CA.
However, I am having little success with URL rewrite functionality in web.config to map the sub-domains to the specific language.
Below are the rules I am attempting to use. This isn't working for me, and I am hoping someone can point me in the right direction!
<rewrite>
<rules>
<rule name="redirect" enabled="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^http://www.englishsite.com$" />
</conditions>
<action type="Redirect" url="http://www.englishsite.com/?{R:0}TemplateCulture=en-CA" appendQueryString="true" redirectType="Permanent" />
</rule>
<rule name="redirect2" enabled="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^http://www.frenchsite.com$" />
</conditions>
<action type="Redirect" url="http://www.frenchsite.com/?{R:0}TemplateCulture=fr-CA" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
If I understand correctly you are trying to achieve:
If user will visit homepage http://www.englishsite.com it should receive redirect to http://www.englishsite.com/?TemplateCulture=en-CA&{...something...}
If user will visit homepage http://www.frenchsite.com it should receive redirect to http://www.frenchsite.com/?TemplateCulture=fr-CA&{...something...}
Then you rules should be like that:
<rule name="redirect" enabled="true">
<match url="^$" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www.englishsite.com$" />
</conditions>
<action type="Redirect" url="http://www.englishsite.com/?TemplateCulture=en-CA" appendQueryString="true" redirectType="Permanent" />
</rule>
<rule name="redirect2" enabled="true">
<match url="^$" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www.frenchsite.com$" />
</conditions>
<action type="Redirect" url="http://www.frenchsite.com/?TemplateCulture=fr-CA" appendQueryString="true" redirectType="Permanent" />
</rule>
Explanation of rules above:
<match url="^$" /> will match only for homepage
<add input="{HTTP_HOST}" pattern="^www.englishsite.com$" /> will create condition when domain name www.englishsite.com
<action type="Redirect" url="http://www.frenchsite.com/?TemplateCulture=fr-CA" appendQueryString="true" redirectType="Permanent" /> will make redirect with culture specific querystring. I removed {R:0} because IIS URL rewrite module will append it automatically because you set appendQueryString="true"
I would like to match exactly https://internet.dev.local/KYR url (without / into end) and redirect or rewrite to https://internet.dev.local/KYR/ (with /).
I am trying the following rule but it matches other URLs as well e.g. https://internet.dev.local/KYR/Admin/Form/Default.aspx?signup=false, which is wrong.
so how can I achieve this?
<rule name="Static redirect" patternSyntax="ExactMatch" stopProcessing="true">
<match url="https://internet.dev.local/KYR" negate="true" />
<conditions>
</conditions>
<action type="Redirect" url="/Login/?ReturnUrl=/Member/KYR/" redirectType="Permanent" />
</rule>
If you need to test the host and protocol you have to put it in the conditions, not in the global rule.
Following your example, it would be as follow:
<rule name="test" patternSyntax="ExactMatch" stopProcessing="true">
<match url="KYR" />
<action type="Redirect" url="/KYR/" redirectType="Permanent" />
<conditions>
<add input="{HTTP_HOST}" pattern="internet.dev.local" />
<add input="{HTTPS}" pattern="on" />
</conditions>
</rule>
I have changed the url in the action because your question says:
redirect or rewrite to https://internet.dev.local/KYR/ (with /).
EDIT:
To get it to work on any host (with or without SSL), just remove the conditions:
<rule name="test" patternSyntax="ExactMatch" stopProcessing="true">
<match url="KYR" />
<action type="Redirect" url="/KYR/" redirectType="Permanent" />
</rule>
I'm really stuck on this one...
Basically, I'm trying to make 2 pages always over SSL using the URLRewrite add-on for IIS. But I also need to force all other pages to HTTP (sigh - don't ask).
But if I force other pages over HTTP, then when you view the SSL page you'll get the security warning. I tried to solve this by checking if the HTTP_REFERER is the SSL page then let it be sent over SSL for that page only. This doesn't work because if someone clicks a link on the SSL page then it will stay over SSL.
Is this even possible?...
This is as far as I got so far:
<rewrite>
<rules>
<rule name="Force HTTPS Login" stopProcessing="true">
<match url="(.+)login.aspx" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
</rule>
<rule name="Force HTTPS Payments" stopProcessing="true">
<match url="(.+)payments.aspx" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
</rule>
<rule name="Others Force HTTP" stopProcessing="true">
<match negate="true" url="((.+)login.aspx|(.+)payments.aspx)" />
<conditions>
<add input="{HTTPS}" pattern="^ON$" />
<add input="{HTTP_REFERER}" negate="true" pattern="(.+)login.aspx" />
<add input="{HTTP_REFERER}" negate="true" pattern="(.+)payments.aspx" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
UPDATE: Found this article: Rewrite http to https on some pages only using .htaccess. No answer since March 2010...!
So what I ended up doing is:
Force HTTPS for the page(s) that required it.
Force all other pages to HTTP EXCEPT for the page(s) in point#1 and the "/styles" and "/images" folders that are referenced on these pages.
Since the pages use relative paths, they automatically use the styles/images over HTTP/HTTPS respectively.
<rewrite>
<rules>
<rule name="Force HTTPS Login" stopProcessing="true">
<match url="(.*)/login.aspx" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
</rule>
<rule name="Others Force HTTP" stopProcessing="true">
<match url="(((.*)/login.aspx)|((.*)/styles(.*))|((.*)/images(.*)))" negate="true" />
<conditions>
<add input="{HTTPS}" pattern="^ON$" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>