I'm trying to rewrite some urls and i've done this in the past but for some reason it just won't stick this time. Here's the rule:
<rule name="Force HTTPS - Test.aspx" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^Templates/Test\.aspx" />
<conditions>
<add input="{HTTP_HOST}" pattern="^my\.domain\.com$" />
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://my.domain.com/Templates/test.aspx" />
</rule>
It should be taking http://my.domain.com/Templates/test.aspx and redirecting to https://my.domain.com/Templates/test.aspx.
Unfortunately it's not working at all, no matter what i try....
I figured out that IIS was configured to force SSL on the files I tried redirecting. That meant it would return an HTTP 403 error before even checking the url rewrite rules.
Hope that helps someone else.
Related
We have a bunch of websites hosted in IIS using Flex. There are quite a lot of Rewrite/Redirect rules for each of them. One of them now needs a Rewrite rule to direct a non-www url to a www url. Have already tried quite a few popular solutions from various sites including other SO question. The last I tried is as following, without much to avail:
<rule name="Redirect to WWW" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="^your.domain.name$" />
</conditions>
<action type="Redirect" url="http://www.your.domain.name/{R:0}" redirectType="Permanent" />
</rule>
Ensure you have the latest URL Rewrite extension.
https://www.iis.net/downloads/microsoft/url-rewrite
Before testing the result, please clean the local cache. We had better verify it in an inprivate window.
Besides, Failed Request Tracing is a powerful tool for troubleshooting request-processing failures. FRT can be used with the URL rewrite module to trace how rewrite rules were applied to the request URL.
https://learn.microsoft.com/en-us/iis/extensions/url-rewrite-module/using-failed-request-tracing-to-trace-rewrite-rules
At last, please try the below configuration.
<rule name="Force www" enabled="true" stopProcessing="false">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^example\.com$" />
</conditions>
<action type="Redirect" url="https://www.example.com{REQUEST_URI}" />
</rule>
Feel free to let me know if the problem still exists.
I need to redirect all https requests to http, for example, if someone visits https://www.example.com/another-page/ to http://www.example.com/another-page/
I have the following rewrite rule in my web.config right now, but it's not working correctly. It's redirecting https://www.example.com/another-page/ to https://www.example.com/, so to the root of the site, but instead I want the redirect to stay in the same URL and only rewrite https to http.
<rule name="Redirect to HTTP" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{R:1}" pattern="^onepage/(.*)$" negate="true" />
<add input="{HTTPS}" pattern="^ON$" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
</rule>
Any help on changing the above rule so that it only changes https to http, but keeps the full url visited would be greatly appreciated!
I set up your rule, cleaned up a little, and it worked; so this isn't really answering with much new.
Suggestion: Remove the onepage input condition just for testing, as cheesmacfly suggested in the question comment.
Also, try changing the action to {R:1} instead of {R:0}. It shouldn't matter in this case, but I just like using 1 and up, to match the specific capturing group. R:0 means the entire matched string, which always confuses me just a little.
<rule name="Redirect to HTTP" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^ON$" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
One possibility is that your browser has cached a previous attempt of your rules. When the redirectType is Permanent, and you're still developing or testing, the browser often caches a previous rule. Clear your browser cache, and/or remove the Permanent, and/or browse in incognito mode. When done testing, change it to permanent. See number 2 and 3 in this answer: https://stackoverflow.com/a/9204355/292060
Please paste the below code in web.config file.
<rule name="Redirect to http" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="http://{HTTPS_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
I am trying to force the use of http on all pages of our site with the exception of a checkout page. I have used the rewrite rule below but it doesn't work with the www sub-domain in the url.
If I use https://domain.com it successfully redirects to http://www.domain.com but if I try https with www nothing happens. Please note that there is also a canonical domain name redirect in place but this issue still happens without this rule.
<rule name="No-https" enabled="true" stopProcessing="true">
<match url=".*" negate="false" />
<action type="Redirect" url="http://{HTTP_HOST}{REQUEST_URI}" />
<conditions>
<add input="{HTTPS}" pattern="on" />
<add input="{URL}" pattern="CheckOut" negate="true" />
</conditions>
</rule>
This has been driving me nuts all morning, I'm hoping someone with more experience of IIS rewrites can give me some help.
Spent a few hours on a similar issue. In my case I'm redirecting traffic from http to https and I want to do the same where sub domains are in use, e.g. http://subdomain.mydomain.com rewrites to https://subdomain.mydomain.com. It seems that for IIS 7.5 at least you need to add a http binding in IIS for each specific subdomain or it will not be picked up by the catch all matching below.
<rewrite>
<rules>
<clear />
<rule name="Redirect to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
For local dev testing, I need to catch all requests to www.somedomain.com/XXX (where X is the path), and send them on to localhost/somevdir/XXX.
I've added this to my HOSTS file (c:\windows\system32\drivers\etc):
127.0.0.1 www.mydomain.com
Then, in IIS8 (Windows 8), I've added a binding to my "Default Web Site" for the host www.mydomain.com. This works, I can now browse www.mydomain.com/test.html and see a test html page. My virtual dir is inside the Default web site. I then add a URL Rewrite URL to the web site for the last bit:
<rewrite>
<rules>
<rule name="mydomain.com" stopProcessing="true">
<match url="^www.mydomain.com/(.*)" />
<action type="Rewrite" url="localhost/MyVDir/{R:1}" logRewrittenUrl="true" />
</rule>
</rules>
</rewrite>
But - that doesn't work. I get a 404 so it looks the the match never happens. I've tried redirect and rewrite, and I've tried without the ^ in the regex and a few other regex tweaks. Can someone explain what I've done wrong?
I think the following should work:
<rule name="mydomain.com" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="^(mydomain\.com|www\.mydomain\.com)$" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<action type="Redirect" url="http://localhost/MyVDir/{R:1}" redirectType="Temporary" />
</rule>
The match on any URL makes sure the conditions are checked, and the HTTP_HOST server variable seems the most reliable way of checking the requested hostname. You could remove the REQUEST_FILENAME input condition, but it works as quite a nice sanity check to make sure static files are always served.
The following is better for catching both www. and non-www. versions of the domain so that you don't have to write the domain twice, which could possibly cause errors with being twice as likely to write a typo. (The parenthesis with the ? character means optional in regex terms.)
<rule name="mydomain.com" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="^(www.)?mydomain\.com$" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<action type="Redirect" url="http://localhost/MyVDir/{R:1}" redirectType="Temporary" />
</rule>
So I have been trying to rewrite using the following:
<rules>
<rule name="HttpToHttps" stopProcessing="true"/>
<match url="(.*)"/>
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{URL}"/>
</rule>
<rules>
In two environments, this redirects like it should. In a third environment, it doesn't work. It doesn't work in the sense of, looking at a fiddler log, I see the http call with the full url. When it redirects to https, it removes everything after the HTTP_HOST.
So using the following url:
nonsecure://www.mysite.com/page.aspx?var1=1&var2=2
In two environments, it becomes
secure://www.mysite.com/page.aspx?var1=1&var2=2
In the third it becomes:
secure://www.mysite.com
I tried rewriting it as https://{HTTP_HOST}{HTTP_URL} and that doubled the {URL} in the first two environments:
secure://www.mysite.com/page.aspx?var1=1&var2=2&var1=1&var2=2
I'm not very experienced with web.configs, kinda learning as I go, so if anyone has any input as to what's going on here, it would be greatly appreciated. If it has any bearing on anything, the third environment is on two servers that are load balanced.
Ruslany has several IIS URL Rewrite examples on his blog, HTTP to HTTPS is one of them:
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
See http://ruslany.net/2009/04/10-url-rewriting-tips-and-tricks/ for more.