Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 499
  • Last Modified:

HTTPS Redirect in IIS - exclude a site

I have a few sites housed on a server 2008 server.  I set up a HTTPSRedirect site to redirect everything from http to https, minus two sites.  Everything works great.

I'm trying to add one more site; however, it is doing the redirect to the https from http, and I can't for the life of me figure out how I excluded sites in the past from this redirect.

What additional info do you need?
0
dzirkelb
Asked:
dzirkelb
3 Solutions
 
Big MontySenior Web Developer / CEO of ExchangeTree.org Commented:
i think you can do something like the following. Be sure to put it first so it executes before your working rule already in place

<rule name="block" stopProcessing="true">
    <match url="^www.siteToExclude.com$" />
    <action type="None" />
</rule>

Open in new window


also, here's a good reference to help you understand url rewiting better:

http://www.iis.net/learn/extensions/url-rewrite-module/url-rewrite-module-configuration-reference
0
 
Kyle AbrahamsSenior .Net DeveloperCommented:
there's usually an IIS rewrite URL in the site.

IIS Screenshot
0
 
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
You said, "I set up a HTTPSRedirect site to redirect everything from http to https, minus two sites."

I hope I am reading this wrong, are you saying you set up one site that does all the redirection for multiple sites?  

How are you currently redirecting now?  
Are you using something like
Response.Status="301 Moved Permanently"
Response.AddHeader "Location","https://www.mysite.com.coml"

Open in new window

or
If Request.ServerVariables("SERVER_PORT")=80 Then
      Dim strSecureURL
      strSecureURL = "https://"
      strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME")
      strSecureURL = strSecureURL & Request.ServerVariables("URL")
      Response.Redirect strSecureURL
   End If

Open in new window

or
response.redirect "https://mysite.com"

Open in new window

or are you using a web.config file you created by hand or via iis?
0
 
dzirkelbAuthor Commented:
I'm using the middle option, and a hand written web.config file.

This sever houses all internal applications, nothing external.  We however wanted to put a ssl cert on it, so instead of just changing everyone's favorites and all our ice aged web pages that had bad, hard coded web addresses, I put a redirect from http to https instead.

Somehow, it is working now, I think my settings / changes just weren't taking before.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now