Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

URL rewrite to redirect all URL variants to https://www.mydomain.com

Posted on 2016-10-14
11
Medium Priority
?
183 Views
Last Modified: 2016-10-19
I have a URL and I have applied an SSL certificate to the www variant https://www.mydomain.com. I would like all variations of this domain to point to https://www.mydomain.com,

So for example the following domains should redirect to https://www.mydomain.com:

  • http://www.mydomain.com
  • http://mydomain.com
  • https://mydomain.com

The website is hosted on a windows 2008 server running IIS7.5 and I have created some rules in the web.config file using URL Rewrite. However the following domains do not redirect:

  • http://mydomain.com
  • https://mydomain.com

Here are the rules I currently have:

<!-- Redirect http non www to https www -->
<rule name="Redirect http://mydomain.com to www" patternSyntax="Wildcard" stopProcessing="true">
  <match url="*" />
  <conditions>
	<add input="{HTTP_HOST}" pattern="mydomain.com" />
  </conditions>
  <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>

<!-- Redirect http to https -->
<rule name="Redirect http to https" enabled="true">
	<match url="(.*)" ignoreCase="false" />
	<conditions>
		<add input="{HTTPS}" pattern="off" />
	</conditions>
	<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>

Open in new window


I would appreciate some assistance in getting this to work using a URL rewrite. Ideally I would prefer to replace the above with a single rule.
0
Comment
Question by:mike99c
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 65

Accepted Solution

by:
btan earned 1500 total points
ID: 41844701
Probably you can try out this rule which quite similar to yours but they combine the condition and check for www too.

Besides the three tested Url, need to verify whether it suggested example can work for "https://mydomain.com" which we may want to change it with wildcard for the "www"

https://www.orderfactory.com/articles/IIS-URL-Rewrite-to-HTTPS.html
0
 

Author Comment

by:mike99c
ID: 41844740
Thanks btan for this. It has definitely improved. I tested it in Firefox after I cleared the cache of cookies and history. Previously when I typed mydomain.com it immediately redirected to https://mydomain.com which flagged the security warning. Now it redirects to https://www.mydomain.com which is what I want.

The problem remains however that if I type in https://mydomain.com it does not redirect at all and the security warning appears.
0
 
LVL 65

Expert Comment

by:btan
ID: 41844875
We may need to enforce prefix www. Pls see http://madskristensen.net/post/url-rewrite-and-the-www-subdomain
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:mike99c
ID: 41844898
I tried the enforce www rule and it still does not work. I tried it both before and after the http to https redirect rule and it fails for both cases.
0
 
LVL 65

Expert Comment

by:btan
ID: 41844901
I suggest you remove all the existing code and include only the https redirection for domain.com to www.domain.com.

I suspect it is due to the warning as the SSL Certificate is causing HTTPS not to match. For example, the SSL cert used for yiur webserver is only for www.domain.com but not domain.com. You can either have a wildcard *.domain.com cert or a cert with SAN to have the domains included.
0
 

Author Comment

by:mike99c
ID: 41844911
Hi btan, it is true that the certificate is only set up for www.domain.com and not domain.com. I was hoping to avoid the extra expense of applying it to the non www hoping that the redirect would do the trick.

Is there any reason why the redirect cannot work in this case?
0
 
LVL 65

Expert Comment

by:btan
ID: 41844978
you can try access https://domain.com and see the SSL certificate presented if any from your browser. The SSL certificate subject may not be referring to domain.com but instead www.domain.com, hence SSL will not be completed. The rewrite will only kicked in after the HTTP connection is established.
I get in the SSL Server Test:
Prefix handling Not valid for "domain.com"   CONFUSING
 
Why is it confusing if a certificate is only valid for www.domain.com and not also in addition for domain.com?
 
Well, because your certificate does not include a SAN for domain.com, you cannot use this current SSL server certificate for securing https://domain.com, as no SSL client will trust this connection.
http://discussions.citrix.com/topic/366491-redirect-httpsdomaincom-to-httpswwwdomaincom/

also for SSL Server Certificate trust problems, try testing your SSL setup using https://www.ssllabs.com/ssltest/
0
 
LVL 65

Expert Comment

by:btan
ID: 41844981
another that I saw
For a safer rule that works for both Match Any and Match All situations, you can use the Rewrite Map solution....You can create a Rewrite Map called MapProtocol, you can use {MapProtocol:{HTTPS}} for the protocol within any rule action.

<rewrite>
  <rules>
    <rule name="Redirect to www" stopProcessing="true">
      <match url="(.*)" />
      <conditions trackAllCaptures="false">
        <add input="{HTTP_HOST}" pattern="^domain.com$" />
      </conditions>
      <action type="Redirect"
        url="{MapProtocol:{HTTPS}}://www.domain.com/{R:1}" />
    </rule>
  </rules>
  <rewriteMaps>
    <rewriteMap name="MapProtocol">
      <add key="on" value="https" />
      <add key="off" value="http" />
    </rewriteMap>
  </rewriteMaps>
</rewrite>
0
 

Author Comment

by:mike99c
ID: 41844990
Thanks btan, I tried the rewrite maps solution and it did not work. I had the same issue.

From your previous post, are you saying that if I applied the SSL certifictae to https://domain.com that the redirect rule would work?
0
 
LVL 65

Expert Comment

by:btan
ID: 41845024
You can try as I still suspect it is the ssl cert. Check your SSL cert subject name and SAN for any "domain.com" and if there is none, chances the rewrite will not work.
0
 

Author Closing Comment

by:mike99c
ID: 41850902
Works ok apart from the non www https.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question