Geek Answers Handbook

IIS rewrite rule does not work in a live environment

I have 4 servers in blue, 3 are load balanced, and 4 are for CMS purposes only.

An SSL certificate has been added for the main website, but not for the sobdomain that CMS runs on.

I wrote a rule that should find some kind of URL that does not contain "backoffice" and matches any other page in order to change it to https.

This works on regexr.com but for some reason does not work

<rewrite> <rules> <rule name="http to https" stopProcessing="true"> <match url="(https?:\/\/(?!backoffice).*)" /> <conditions> <add input="{HTTPS}" pattern="^OFF$" /> </conditions> <action type="Redirect" url="https://www.WEBSITENAME.com{R:1}" /> </rule> </rules> </rewrite>

Url Rewriting 2.1 is installed on all 4 servers, and I created a load balance set in azure for https.

switching to https manually works fine (along with load balancing).

Additional Information:

I tried many rules, including the existing answer. I can see what happens, for example, as https, but the page itself is not redirected.

There are two sets of load balancing, one for port 80 and the other for port 443. I don’t know if this is the reason, or there could be a potential reason that the redirect is not happening.

+8
regex url-rewriting iis azure
source share
2 answers

Using the previous answer as a starting point, I made a few minor changes to use HTTP_HOST rather than REQUEST_URI to negate the template, and it works.

 <system.webServer> <rewrite xdt:Transform="InsertIfMissing"> <rules> <rule name="http to https" stopProcessing="true"> <match url=".*" /> <conditions> <add input="{HTTPS}" pattern="^OFF$" /> <add input="{HTTP_HOST}" pattern="^backoffice\.WEBSITENAME\.com$" negate="true" /> </conditions> <action type="Redirect" url="https://www.WEBSITENAME.com/{R:0}" /> </rule> </rules> </rewrite> </system.webServer>
+5
source share

Your rule should be like this:

 <rule name="http to https" stopProcessing="true"> <match url=".*" /> <conditions> <add input="{HTTPS}" pattern="^OFF$" /> <add input="{REQUEST_URI}" pattern="/backoffice" negate="true" /> </conditions> <action type="Redirect" url="https://www.WEBSITENAME.com{R:0}" /> </rule>

This rule will exclude requests using the /backoffice .

Also, to release mixing content, you need to fix your path for css / js / images for relatives. Example:

 <img src="/path/to/your/image.jpg"/>

Another way to fix mixed content is to create an outbound rule that changes your HTML output (replace http: with https: :

 <rewrite> ... <outboundRules> <rule name="Rewrite external references to use HTTPS" preCondition="IsHTML"> <match filterByTags="Script, Link, Img, CustomTags" customTags="HTML5Tags" pattern="^http://(.*)$" /> <action type="Rewrite" value="https://{R:1}" /> </rule> <preConditions> <preCondition name="IsHTML"> <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" /> </preCondition> </preConditions> <customTags> <tags name="HTML5Tags"> <tag name="Video" attribute="src" /> </tags> </customTags> </outboundRules> </rewrite>
+5
source share

More articles:


All Articles