Blake Weaver
asked on
IIS 7 URL rewrite module issues
I am using the url rewrite module 2.0 in IIS7 to redirect all http requests to https requests.
<rule name="http to https" enabled="false" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll"
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}:{R:1}" />
</rule>
It works great but now it doesnt work for old static links. For example, the url: http://mywebsite.com/findme used to work but with the rule it doesnt redirect it to https://mywebsite.com/findme What is the best way to fix this for static links? Do i tweak my current redirect rule or should a create a new rule and give it higher priority. IF so what should the new rule look like. I have taken many guesses with no luck.
<rule name="http to https" enabled="false" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll"
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}:{R:1}" />
</rule>
It works great but now it doesnt work for old static links. For example, the url: http://mywebsite.com/findme used to work but with the rule it doesnt redirect it to https://mywebsite.com/findme What is the best way to fix this for static links? Do i tweak my current redirect rule or should a create a new rule and give it higher priority. IF so what should the new rule look like. I have taken many guesses with no luck.
ASKER
Hey Greg, thanks for your response but the only different from your rule and mine is for pattern you had "off" instead of "^OFF$"
I tried it with just "OFF" and it still doesn't work when adding the /find in the http url. Here is a screenshot of my IIS if that helps.
iisrewrite.PNG
I tried it with just "OFF" and it still doesn't work when adding the /find in the http url. Here is a screenshot of my IIS if that helps.
iisrewrite.PNG
is your IIS set to restart on config changes? if not, you need to restart app pool, site, or server to read changes out of the config file
My rule only has off - looks like the only thing different between the two.
My rule only has off - looks like the only thing different between the two.
ASKER
I restarted IIS, and app pool. Still doesnt work with just "off" Like i said in my original post, it works fine when you type in base url. http://mywebsite.com forwards to https://mywebsite.com but when you add the static link /find it doesnt work. http://mywebsite.com/find says page cannot be displayed.
I even reset my browser caching.
I even reset my browser caching.
My Https rule is in %system%\inetserv\applicat
If you turn off that rule does it work with /find appended?
Do you have failed request logging enabled?
What's the http error you are getting?
If you turn off that rule does it work with /find appended?
Do you have failed request logging enabled?
What's the http error you are getting?
ASKER
i am configuring it from the IIS icon. Downloaded the extension from http://www.iis.net/downloads/microsoft/url-rewrite
see attachment
i dont see anything in my iis logs except this:
2016-01-06 05:17:06 10.1.101.155 GET /find - 80 - 108.64.192.171 Mozilla/5.0+(Windows+NT+6.
iisrewrite2.PNG
see attachment
i dont see anything in my iis logs except this:
2016-01-06 05:17:06 10.1.101.155 GET /find - 80 - 108.64.192.171 Mozilla/5.0+(Windows+NT+6.
iisrewrite2.PNG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Failed request tracing isn't enabled on your system. it's in programs and features. 'Tracing'
applicationhost.config is global config file for webserver. when you are on the control panel for the webserver, these setting get saved to that file.
as this rule works, the /find issue is in another place.
applicationhost.config is global config file for webserver. when you are on the control panel for the webserver, these setting get saved to that file.
as this rule works, the /find issue is in another place.
You should never place a URL Redirect in the applicationhost.config file!
Any changes made to this file will affect every website running on the server. Unless you know specifically what you are doing, meaning a very good and deep understanding of IIS, I would stay away from making changes to this file.
Any URL Redirects should be placed in the specific web.config associated with the website where you want the redirect to run.
The rewrite rule(s) should be placed in the <system.webServer> element in the site's (not the server's) web.config.
Dan
Any changes made to this file will affect every website running on the server. Unless you know specifically what you are doing, meaning a very good and deep understanding of IIS, I would stay away from making changes to this file.
Any URL Redirects should be placed in the specific web.config associated with the website where you want the redirect to run.
The rewrite rule(s) should be placed in the <system.webServer> element in the site's (not the server's) web.config.
Dan
ASKER
Thanks Dan, yes i agree with your comments and that is where the rule is in my environment(web.config). I had it set to false on purpose since it wasnt working but when enabled the link isn't forwarding properly and we are already in production so i didn't want to have a dead page so i have temporarily turned off HTTPS forcing until i can fix it. Any other suggestions?
Dan, I would be interested to know why you wouldn't want the url redirect in applicationhost.config?
All of the sites on my webservers need this rule. set it once and forget it.
Blake,
does your appended /find work without https redirect?
have you enabled failed request tracing yet?
All of the sites on my webservers need this rule. set it once and forget it.
Blake,
does your appended /find work without https redirect?
have you enabled failed request tracing yet?
Because site redirect are specific to sites. I would consider your situation a special case. In most cases, not every website will have an SSL Certificate, therefore rendering a rewrite rule in a global configuration an extra step to processing a request.
In a situation where you have a small number of sites completely under your control, then it could be safe. But in situations where you have large numbers of site in operation, I would not recommend dropping a rewrite in the applicationhost.config file.
Plus, from a troubleshooting viewpoint, you now have to look at, not only the web site config but now the server configuration in order to isolate a potential issue.
Again, this is only my recommendation. I have a large number of sites in operation... some on the Internet, some not. In neither situation would I put a "set and forget" URL rewrite rule in the applicationhost file.
Dan
In a situation where you have a small number of sites completely under your control, then it could be safe. But in situations where you have large numbers of site in operation, I would not recommend dropping a rewrite in the applicationhost.config file.
Plus, from a troubleshooting viewpoint, you now have to look at, not only the web site config but now the server configuration in order to isolate a potential issue.
Again, this is only my recommendation. I have a large number of sites in operation... some on the Internet, some not. In neither situation would I put a "set and forget" URL rewrite rule in the applicationhost file.
Dan
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@Dan, i am ashamned to say when copying and pasting your rule in the web config it worked. My rule, although looked the same, was generated by the IIS URL rewrite module extension. Blows my mind how it would be different. Thanks! One more question, what about removing the www's from the url so we can get better tracking and not have both https://www.mywebsite.com and https://mywebsite.com
@Greg when i enabled failed request tracing nothing showed up in the error log even though i would get page cannot be displayed in my browser.
@Greg when i enabled failed request tracing nothing showed up in the error log even though i would get page cannot be displayed in my browser.
there are two steps to enable Failed request tracing.
enable at the server level, configure at the site level
you'll love this for dev and troubleshooting
enable at the server level, configure at the site level
you'll love this for dev and troubleshooting
<rule name="Force HTTPS" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>