IIS is re-writing my header('location and altering the URL

I've got a weird one here that I really need help with

I have a bit of PHP code that is used for payments, as of today the server it is on is being proxied though IIS, all has been working fine.

Now, when the page is called rather than going to the URL specified in the header( Location it re-writes it to the current site URL, then adds the rest.


I'm on my site http://www.aaa.co.uk, and my header refresh page is called, this should send me to http://www.bbb.co.uk/this-is-a-test/page

header('Location: http://www.bbb.co.uk/this-is-a-test/page');

What actually happens is the page redirects and rewrites the www.bbb.co.uk to www.aaa.co.uk trying to take me to:


Using meta refresh or opening a new window using JS works perfectly and keeps the required bbb URL

Any ideas please, its killing me :)
Neil ThompsonSenior Systems DeveloperAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
do you have url rewrite/or http redirection  enabled on that site in iis? if so then you probably want to disable it.
Dave BaldwinFixer of ProblemsCommented:
I have never seen PHP header get changed on IIS 5, 6, or 7.  I think there's more to your code than you are telling us.
Neil ThompsonSenior Systems DeveloperAuthor Commented:
Thanks, annoyingly the IIS is controlled by a 3rd party at present as they are proxying /capitapay through to this server from the website.

They are still saying its not IIS but I'm sure it is as this demo should prove:


// http://www.shepway.gov.uk/capitapay/fund/ctx/test.php

$location = "https://sbs.e-paycapita.com:443/scp/scpcli?ssk=gybitihsltss6ng27sp56tivneg1ewa";
header('Location: ' . $location);


Open in new window

If you click on this test link: http://www.shepway.gov.uk/capitapay/fund/ctx/test.php you will see that the URL is re-written and the https://sbs.e-paycapita.com:443 is removed leaving the URL http://www.shepway.gov.uk/scp/scpcli?ssk=gybitihsltss6ng27sp56tivneg1ewa 

There are no other pages involved so there are no other influences changing the URL
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

Dave BaldwinFixer of ProblemsCommented:
No, I'm just getting a 404 Not Found.
David Johnson, CD, MVPOwnerCommented:
Neil ThompsonSenior Systems DeveloperAuthor Commented:
Thanks Dave and David

That's right, when on the Shepway site (/capitapay being proxied from the IIS server serving the site to another in the DMZ) it errors by re-writing the https://sbs.e-pay... to http://www.shepway

People sorting out the proxying and IIS say its not them but surely it is if it works when you move the code away, and it works?
David Johnson, CD, MVPOwnerCommented:
I'm convinced that it is not your code nor is it a normal iis experience. Unfortunately you don't have control over either the proxy or iis configurations .. I'd be tempted to move the site out of there.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Neil ThompsonSenior Systems DeveloperAuthor Commented:
moving any of the servers is not an option :(
Neil ThompsonSenior Systems DeveloperAuthor Commented:
Thanks Guys, still not working but Its not my code, rather something on the 3rd party site that I need them to take ownership of :(
Neil ThompsonSenior Systems DeveloperAuthor Commented:
Just thought I would revisit this in case it helps anyone with a similar situation.

In the end the fix (although I don't know why) was simple. Rather than calling the URL to be opened using the standard HTTP:// prefix I simply used the now more common // prefix (excluding the http:) and it worked instantly.

Since then I've had the issue (and fixed it this way) on a few jobs for different clients.

Hope it helps :) Neil
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.