Solved

URL rewrite to redirect all URL variants to https://www.mydomain.com

Posted on 2016-10-14
11
88 Views
Last Modified: 2016-10-19
I have a URL and I have applied an SSL certificate to the www variant https://www.mydomain.com. I would like all variations of this domain to point to https://www.mydomain.com,

So for example the following domains should redirect to https://www.mydomain.com:


The website is hosted on a windows 2008 server running IIS7.5 and I have created some rules in the web.config file using URL Rewrite. However the following domains do not redirect:


Here are the rules I currently have:

<!-- Redirect http non www to https www -->
<rule name="Redirect http://mydomain.com to www" patternSyntax="Wildcard" stopProcessing="true">
  <match url="*" />
  <conditions>
	<add input="{HTTP_HOST}" pattern="mydomain.com" />
  </conditions>
  <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>

<!-- Redirect http to https -->
<rule name="Redirect http to https" enabled="true">
	<match url="(.*)" ignoreCase="false" />
	<conditions>
		<add input="{HTTPS}" pattern="off" />
	</conditions>
	<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>

Open in new window


I would appreciate some assistance in getting this to work using a URL rewrite. Ideally I would prefer to replace the above with a single rule.
0
Comment
Question by:mike99c
  • 6
  • 5
11 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 41844701
Probably you can try out this rule which quite similar to yours but they combine the condition and check for www too.

Besides the three tested Url, need to verify whether it suggested example can work for "https://mydomain.com" which we may want to change it with wildcard for the "www"

https://www.orderfactory.com/articles/IIS-URL-Rewrite-to-HTTPS.html
0
 

Author Comment

by:mike99c
ID: 41844740
Thanks btan for this. It has definitely improved. I tested it in Firefox after I cleared the cache of cookies and history. Previously when I typed mydomain.com it immediately redirected to https://mydomain.com which flagged the security warning. Now it redirects to https://www.mydomain.com which is what I want.

The problem remains however that if I type in https://mydomain.com it does not redirect at all and the security warning appears.
0
 
LVL 63

Expert Comment

by:btan
ID: 41844875
We may need to enforce prefix www. Pls see http://madskristensen.net/post/url-rewrite-and-the-www-subdomain
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:mike99c
ID: 41844898
I tried the enforce www rule and it still does not work. I tried it both before and after the http to https redirect rule and it fails for both cases.
0
 
LVL 63

Expert Comment

by:btan
ID: 41844901
I suggest you remove all the existing code and include only the https redirection for domain.com to www.domain.com.

I suspect it is due to the warning as the SSL Certificate is causing HTTPS not to match. For example, the SSL cert used for yiur webserver is only for www.domain.com but not domain.com. You can either have a wildcard *.domain.com cert or a cert with SAN to have the domains included.
0
 

Author Comment

by:mike99c
ID: 41844911
Hi btan, it is true that the certificate is only set up for www.domain.com and not domain.com. I was hoping to avoid the extra expense of applying it to the non www hoping that the redirect would do the trick.

Is there any reason why the redirect cannot work in this case?
0
 
LVL 63

Expert Comment

by:btan
ID: 41844978
you can try access https://domain.com and see the SSL certificate presented if any from your browser. The SSL certificate subject may not be referring to domain.com but instead www.domain.com, hence SSL will not be completed. The rewrite will only kicked in after the HTTP connection is established.
I get in the SSL Server Test:
Prefix handling Not valid for "domain.com"   CONFUSING
 
Why is it confusing if a certificate is only valid for www.domain.com and not also in addition for domain.com?
 
Well, because your certificate does not include a SAN for domain.com, you cannot use this current SSL server certificate for securing https://domain.com, as no SSL client will trust this connection.
http://discussions.citrix.com/topic/366491-redirect-httpsdomaincom-to-httpswwwdomaincom/

also for SSL Server Certificate trust problems, try testing your SSL setup using https://www.ssllabs.com/ssltest/
0
 
LVL 63

Expert Comment

by:btan
ID: 41844981
another that I saw
For a safer rule that works for both Match Any and Match All situations, you can use the Rewrite Map solution....You can create a Rewrite Map called MapProtocol, you can use {MapProtocol:{HTTPS}} for the protocol within any rule action.

<rewrite>
  <rules>
    <rule name="Redirect to www" stopProcessing="true">
      <match url="(.*)" />
      <conditions trackAllCaptures="false">
        <add input="{HTTP_HOST}" pattern="^domain.com$" />
      </conditions>
      <action type="Redirect"
        url="{MapProtocol:{HTTPS}}://www.domain.com/{R:1}" />
    </rule>
  </rules>
  <rewriteMaps>
    <rewriteMap name="MapProtocol">
      <add key="on" value="https" />
      <add key="off" value="http" />
    </rewriteMap>
  </rewriteMaps>
</rewrite>
0
 

Author Comment

by:mike99c
ID: 41844990
Thanks btan, I tried the rewrite maps solution and it did not work. I had the same issue.

From your previous post, are you saying that if I applied the SSL certifictae to https://domain.com that the redirect rule would work?
0
 
LVL 63

Expert Comment

by:btan
ID: 41845024
You can try as I still suspect it is the ssl cert. Check your SSL cert subject name and SAN for any "domain.com" and if there is none, chances the rewrite will not work.
0
 

Author Closing Comment

by:mike99c
ID: 41850902
Works ok apart from the non www https.
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question