Azure CDN with Rewrite Rules - azure

I have an Azure CDN with a website origin for my domain and it picked www.mydomain.co.uk automatically (with no option for me to change it). I'd rather not use a Storage origin as I have automatic deployment from Github. So, azxxxxxxx.vo.msecnd.net will retrieve content from www.mydomain.co.uk and cache it locally.
However, I have a URL write rule which will redirect www.mydomain.co.uk to mydomain.com (for various SEO reasons). This will cause requests for CDN content to return a 301 redirect, rather than serving up content to the CDN for it to cache. Is there some way to stop the URL rewrite when content is requested by the Azure CDN?
You're more than welcome to see the code and URL rewrite rules at https://github.com/brentnewbury/PersonalSite/blob/master/web.config

For others who might want to know how I solved the issue, I decided to write a URL rewrite rule (see below) that looks for /cdn/ and route that through and no longer process other rules. This seems to work nicely. It means references in my HTML will look like //azxxxxxxx.vo.msecnd.net/cdn/img/pic.jpg for a image that is stored in /img/pic.jpg.
<rule name="CDN Passthrough" stopProcessing="true">
<match url="(.*)(cdn/)([\S]+)" />
<action type="Rewrite" url="{R:1}/{R:3}"/>
</rule>

Related

IIS Rewrite rule to edit content outgoing to proxy a HTTP image file?

I am trying to figure out what I would need to do for a rewrite rule to apply to tags if possible to append to the source to basically proxy the content of HTTP links.
Looks like google does it for its webmail and I need something similar for my self hosted webmail. I could ingore the Not Fully Secure warning but I want to try to finish it.
Unfortunately I dont remember how I did it in the past and I deleted the old folder to look at the web.config file that would have been in there.
This way I could look for image links with an image of http://example.com/image.png and make it https://example.org/proxy.php?url=http://example.com/image.png and then it would load the same image but now be secure. I have the php setup as needed to do this but now I need to figure out this outbound rewrite.
You can use rules like this.
<rule name="rule" preCondition="ISHTML">
<match filterByTags="A, Img" pattern="(.*)" />
<action type="Rewrite" value="https://example.org/proxy.php?url=http://{HTTP_HOST}{R:1}" />
</rule>
According to the law of image name and php page name, you can customize regular expressions to match the image you want to rewrite and the rewritten url

IIS URL Rewrite with Incoming URL

I have a strange business case where I need any time a URL is called on my web server that it is re written with the incoming URL.
Example:
Incoming URL
/site/1
URL that it is going to
/innerlink/2
In the browsers URL
/innerline/2 would show /site/1
If you can answer this question or get me to some material that could help me in doing this it would be greatly appreciated. Thanks!
The name of this approach "URL rewriting". In IIS you can achieve it with URL rewrite module.
In your case when you just need to rewrite /site/1 to /innerlink/2 you need to do the following:
Install URL rewrite module for IIS (it might be already installed)
In your web.config you need to add this rewrite rule:
.
<rule name="Laravel5" enabled="true" stopProcessing="true">
<match url="^site/1$" />
<action type="Rewrite" url="/innerlink/2" />
</rule>
And now if you will open in your browser this link {YOUR DOMAIN, IP OR HOSTNAME}/site/1 it will make request to /innerlink/2 (but browser will keep showing /site/1)
P.S. Also you can find some useful rewrite/redirect rules in this article: https://host4asp.net/top-iis-rewrite-rules/

URL ReWriting to a different server - rules are ignored and default website is answering requests

I'm struggling with IIS' URL Rewrite and ARR Modules.
Basically, here's the current state of affairs:
I have a main webserver, awnsering all of my requests. Let's name this MAINWEBSERVER.
I have a secondary server with a specific application that's working as intended if you access it internally but needs to be exposed to the outside via domain to work as a webservice. Let's name this server APPSERVER.
I wish to receive my requests on MAINWEBSERVER and rewrite the URL if it matches my wildcard.
In this case, my Wildcard is https://example.com/MYAPPLICATION* .
And my desired redirect is https://APPSERVER/MYAPPLICATION/WhateverIsLeftInTheUrl .
So here's my rule sitting on my MAINWEBSERVER:
<rewrite>
<rules>
<rule name="Rewrite to Application" patternSyntax="Wildcard" stopProcessing="true">
<match url="https://example.com/MYAPPLICATION*" />
<action type="Rewrite" url="https://APPSERVER/MYAPPLICATION{R:1}" logRewrittenUrl="true" />
</rule>
</rules>
</rewrite>
NOTE: I need the URL rewritten for certificate SAN purposes (it won't validate APPSERVER/MYAPPLICATION, so I want to use a mask that is validated by my certificate, such as https://example.com/MYAPPLICATION).
The steps I took were:
Installing ARR (activating proxy settings);
Installing URL ReWrite Module;
Configuring wildcard rule for https://example.com/MYAPPLICATION;
Configuring rewrite for https://APPSERVER/MYAPPLICATION{R:1} (in case it has querystrings I wish to keep them);
Generated personal certificates to validate HTTPS requests between MAINWEBSERVER and APPSERVER;
Whenever I make my request the rule is ignored (despite the same URL matching the wildcard perfectly) and the default website application awnsers, considering my wildcard a querystring parameter.
I've tried this both at server level and at default website level, even with Reverse Proxy Rules. I also have experimented with Fiddler and Failed Request Tracing but to no effect.
In the FRT all that is displayed is a 302 HTTP CODE and in the end a 200 Status Code when the default website loads.
Note that I believe this was working on a different server before, using this same rule although there was no default website.

How to prevent azure cdn from serving dynamic content?

How do I prevent azure cdn from serving dynamic content? I only want it to serve static files: images, scripts and css but when I choose my web app as origin it serves also the root url (/), that is a dynamic page. Can I create restrictions based on file extension?
Not at this time. Any request to the CDN edge node is going to hit the origin for the asset and cache it, whether it's dynamic or static content. The solution, then, is to ensure that your application doesn't link to any dynamic content via the CDN.
If your static content is located in specific folders (images/, css/, etc), you can prevent the CDN from reaching content outside of those folders.
In order to prevent search engines from indexing our site via the CDN domain we
have disabled site browsing on the CDN domain (except for a specific set of folders that serve resources) by adding the following urlRewrite rule to web.config:
<rule name="Deny site browsing on CDN domain" stopProcessing="true">
<match url="^(storage/|ui/)(.*)" negate="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_X_HOST}" pattern="\.azureedge.net$" />
</conditions>
<action type="CustomResponse" statusCode="404" statusReason="Not found" statusDescription="Not found" />
</rule>
Using web server as CDN origin is a "lazy" way to setup CDN. After you set it up, in your website instead of using:
/mypic.jpg
replace all the relative url with
xxx.azureedge.net/mypic.jpg
You don't really need to care about CDN is serving the dynamic content or not, you just need to pick the content you want. CDN just blindly serve the content from origin you specified.

ARR/URL Rewriter within a .net Web API application

I have two applications. One of which is going to handle authentication across a range of products. Because of this, from each one I want to rewrite a URL from each individual website to our "authentication" project. It would look something like this.
http://www.mywebsite.com/api/profile/login -> http://www.myauthentication.com/api/profile/login.
So essentially pushing the request cross domain.
For this I have setup ARR and URL Rewriting in IIS. However I can't seem to get it to work, and I have a feeling URL Rewriting is not running on requests that would normally cause a 404. I think this because on a REDIRECT request (301 redirect), the config works perfectly. When I use a rewrite, I get a generic 404 page.
The rules configuration looks as per below :
<rules>
<rule name="Route the requests for the Profile API." enabled="true" stopProcessing="true">
<match url="^profiles/(.*)" />
<action type="Rewrite" url="http://authentication.local/api/profiles/{R:1}" logRewrittenUrl="true" />
</rule>
</rules>
It should be noted that I am using the WebAPI, not MVC, which I'm not sure if that is causing issues or not. Because the redirect works but not the rewrite, I'm sure I've got everything installed OK in IIS.
For ARR, I have simply ticked "Enable Proxy" but I am unsure if I need to do anything else.
I managed to solve this by adding an ignore route for ARR.
RouteTable.Routes.IgnoreRoute("api/profiles/{*pathInfo}");

Resources