URL rewrite to redirect all URL variants to https://www.mydomain.com

I have a URL and I have applied an SSL certificate to the www variant https://www.mydomain.com. I would like all variations of this domain to point to https://www.mydomain.com,

So for example the following domains should redirect to https://www.mydomain.com:

  • http://www.mydomain.com
  • http://mydomain.com
  • https://mydomain.com

The website is hosted on a windows 2008 server running IIS7.5 and I have created some rules in the web.config file using URL Rewrite. However the following domains do not redirect:

  • http://mydomain.com
  • https://mydomain.com

Here are the rules I currently have:

<!-- Redirect http non www to https www -->
<rule name="Redirect http://mydomain.com to www" patternSyntax="Wildcard" stopProcessing="true">
  <match url="*" />
  <conditions>
	<add input="{HTTP_HOST}" pattern="mydomain.com" />
  </conditions>
  <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>

<!-- Redirect http to https -->
<rule name="Redirect http to https" enabled="true">
	<match url="(.*)" ignoreCase="false" />
	<conditions>
		<add input="{HTTPS}" pattern="off" />
	</conditions>
	<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>

Open in new window


I would appreciate some assistance in getting this to work using a URL rewrite. Ideally I would prefer to replace the above with a single rule.
mike99cAsked:
Who is Participating?
 
btanExec ConsultantCommented:
Probably you can try out this rule which quite similar to yours but they combine the condition and check for www too.

Besides the three tested Url, need to verify whether it suggested example can work for "https://mydomain.com" which we may want to change it with wildcard for the "www"

https://www.orderfactory.com/articles/IIS-URL-Rewrite-to-HTTPS.html
0
 
mike99cAuthor Commented:
Thanks btan for this. It has definitely improved. I tested it in Firefox after I cleared the cache of cookies and history. Previously when I typed mydomain.com it immediately redirected to https://mydomain.com which flagged the security warning. Now it redirects to https://www.mydomain.com which is what I want.

The problem remains however that if I type in https://mydomain.com it does not redirect at all and the security warning appears.
0
 
btanExec ConsultantCommented:
We may need to enforce prefix www. Pls see http://madskristensen.net/post/url-rewrite-and-the-www-subdomain
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
mike99cAuthor Commented:
I tried the enforce www rule and it still does not work. I tried it both before and after the http to https redirect rule and it fails for both cases.
0
 
btanExec ConsultantCommented:
I suggest you remove all the existing code and include only the https redirection for domain.com to www.domain.com.

I suspect it is due to the warning as the SSL Certificate is causing HTTPS not to match. For example, the SSL cert used for yiur webserver is only for www.domain.com but not domain.com. You can either have a wildcard *.domain.com cert or a cert with SAN to have the domains included.
0
 
mike99cAuthor Commented:
Hi btan, it is true that the certificate is only set up for www.domain.com and not domain.com. I was hoping to avoid the extra expense of applying it to the non www hoping that the redirect would do the trick.

Is there any reason why the redirect cannot work in this case?
0
 
btanExec ConsultantCommented:
you can try access https://domain.com and see the SSL certificate presented if any from your browser. The SSL certificate subject may not be referring to domain.com but instead www.domain.com, hence SSL will not be completed. The rewrite will only kicked in after the HTTP connection is established.
I get in the SSL Server Test:
Prefix handling Not valid for "domain.com"   CONFUSING
 
Why is it confusing if a certificate is only valid for www.domain.com and not also in addition for domain.com?
 
Well, because your certificate does not include a SAN for domain.com, you cannot use this current SSL server certificate for securing https://domain.com, as no SSL client will trust this connection.
http://discussions.citrix.com/topic/366491-redirect-httpsdomaincom-to-httpswwwdomaincom/

also for SSL Server Certificate trust problems, try testing your SSL setup using https://www.ssllabs.com/ssltest/
0
 
btanExec ConsultantCommented:
another that I saw
For a safer rule that works for both Match Any and Match All situations, you can use the Rewrite Map solution....You can create a Rewrite Map called MapProtocol, you can use {MapProtocol:{HTTPS}} for the protocol within any rule action.

<rewrite>
  <rules>
    <rule name="Redirect to www" stopProcessing="true">
      <match url="(.*)" />
      <conditions trackAllCaptures="false">
        <add input="{HTTP_HOST}" pattern="^domain.com$" />
      </conditions>
      <action type="Redirect"
        url="{MapProtocol:{HTTPS}}://www.domain.com/{R:1}" />
    </rule>
  </rules>
  <rewriteMaps>
    <rewriteMap name="MapProtocol">
      <add key="on" value="https" />
      <add key="off" value="http" />
    </rewriteMap>
  </rewriteMaps>
</rewrite>
0
 
mike99cAuthor Commented:
Thanks btan, I tried the rewrite maps solution and it did not work. I had the same issue.

From your previous post, are you saying that if I applied the SSL certifictae to https://domain.com that the redirect rule would work?
0
 
btanExec ConsultantCommented:
You can try as I still suspect it is the ssl cert. Check your SSL cert subject name and SAN for any "domain.com" and if there is none, chances the rewrite will not work.
0
 
mike99cAuthor Commented:
Works ok apart from the non www https.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.