I have an IIS website at mydomain.com/mywebsite which has a URL rewrite request that for any requests to a 'maps' path (mydomain.com/mywebsite/maps) through the website, it will redirect requests to an external site to retrieve mapping image tiles that display on the page.
If someone tries to go to mydomain.com/mywebsite/maps on their browser, I do not want it to be accessible as I want to restrict these requests only to the website.
How can I set up a restrict rule in IIS to configure this?
You can try to create a request blocking rule for this, here a example for you as reference:
<rule name="RequestBlockingRule1" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{URL}" pattern="^maps$" />
</conditions>
<action type="AbortRequest" />
</rule>
I have managed to restrict access to the URL path by adding an HTTP_REFERER condition in my URL inbound rewrite rule so it only accepts requests from my website domain which seems to work.
<conditions>
<add input="{HTTP_REFERER}" pattern="*mywebsite.com*" />
</conditions>
Related
I am attempting to create a redirect rule to direct all traffic to one of my pages on my old site to my new site. I have created this rules in the parent web.config on my old IIS server:
<rule name="redirect to survey domain" stopProcessing="true">
<match url="takesurvey" />
<conditions>
<add input="{HTTPS}" pattern="^emory.zanek.net$" />
</conditions>
<action type="Redirect" url="https://survey.zanek.net/{R:1}" redirectType="Temporary" />
</rule>
Essentially I want to redirect all traffic for the specific page takesurvey to a new survey domain. So if the user navigates to:
https://emory.zanek.net/goalw4/takesurvey.aspx?id=fasidisdf
it should redirect to:
https://survey.zanek.net?id=fasidisdf
However, When I applied the rule, and then I navigate to https://emory.zanek.net/goalw4/takesurvey.aspx?id=fasidisdf, it just hangs forever. What am I missing here?
You are specifying {HTTP_HOST} but both of your URLs are HTTPS which operates on a different TCP protocol.
For your simple scenario I would just change {HTTP_HOST} to {HTTPS} in your input line.
For more information about this and robust ways to implement more complex/multiple cross types, see the link below.
Web config rewrite HTTPS
I would like to redirect a specific site from one domain to another and i have tried the following URL redirect. Not sure where i am going wrong.
I have an app at http://www.a.b.com/myapp/index.aspx
I would like to redirect it to
http://www.a.c.com/myapp/index.aspx
<rule name="testredirect" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^myapp/index.aspx$" />
<action type="Redirect" url="http://www.a.c.com/{R:0}" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www.a.b.com$" />
</conditions>
</rule>
The rule work perfectly on my side. Please try to clean browser cache and post your detailed error message. Please ensure you are running the rule in the right place and has been enabled.
Besides, please check whether the incoming request is reaching the correct application pool.
I setup a redirect from one domain (https://test.mydomain.com) to another URL (http://testing.com/test/Login.aspx) and I want to keep the domain name in the address bar. Basically, Redirect website visitors to another site, but do not show them the destination address, so they do not know about the redirection.
This is for a windows server 2008 r2, running iis 7. I would like to amend the web.config file.
I expect the redirect to keep the original domain (https://test.mydomain.com).
According to your description, I suggest that you use URL Rewrite.
First add the condition to check whether URL is a https request, then add another condition to check the domain of URL. Add the rule below to your web.config file.
<rule name="test url rewrite">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="on" />
<add input="{HTTP_HOST}" pattern="test.mydomain.com" />
</conditions>
<action type="Rewrite" url="http://testing.com/test/Login.aspx" />
</rule>
I am getting 404 when trying to access domain like https://www.example.com I get 404.
I have the following rewrite rules:
<rules>
<rule name="Redirect-HTTP-HTTPS-IIS">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
<rule name="CanonicalHostNameRule1">
<match url="(.*)"/>
<conditions>
<add input="{HTTP_HOST}" pattern="^example\.com$" negate="true"/>
</conditions>
<action type="Redirect" url="https://example.com/{R:1}"/>
</rule>
</rules>
Accessing https://www.example.com will get eventually to https://example.com. My problem is that some serves like Google webmaster tools validation can't verify the site because the page returns not found, although at the end it redirects to https://example.com.
http://example.com does show 301 redirect to https://example.com. It's only when I add www it doesn't show 301 redirect, although the server doe eventually redirects it to the right location.
How changes to the write rules I need to make so accessing https://www.example.com will be recognize as 301 redirect to https://example.com. I think that because of the multiple rules the page send not found.
Maybe there is a way to write it as a single rule that redirects 301 that includes both rules, so it will redirect URLs with HTTP or/and WWW to the one with HTTPS and non-WWW URLs.
Update: I inspected chrome Network and in the Status column, it say (canceled) for type Document and it shown on red. It might be due to IIS returning 404 because the HTTPS for domain with WWW is not certified. Is there any way around this?
Using IIS8.5 / ASP.NET 4.5
Thanks.
I needed to create an SSL certificate for the WWW version of the site as well. Once I did it, the redirection worked as intended.
I have multiple domains pointing to one hosting location.
I wish to establish one of the domains as my main domain and therefore I wish to perform a 301 redirect to this main domain whenever a user accesses my site from a secondary domain.
For example:
www.example.com
This is my main domain. I want all other domains associated with my site to redirect to here.
If a user comes in on:
www.test.com or
www.test.com/anypage
etc.
Then I want the user to be redirected to the example version of that page.
How do I do this using the web.Config file of my application? The reason I ask is that usually my web hosting provider has a tool in their back office that allows me to setup this redirect however, our client has opted for a different hosting provider that do not provide such a tool.
I have attempted to do this redirect using the following code but it doesn't seem to work:
<rule name="Canonical Host Name" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^test\.com$" />
</conditions>
<action type="Redirect" url="http://www.example.com/{R:1}}" redirectType="Permanent" />
</rule>
My application is an Umbraco powered site and so has several system.webServer entries in the web.config file. It may just be the case that I have entered this code in the wrong place but any help here would be greatly appreciated as I am only used to doing 301 redirects in .htaccess files.
This is not really that umbraco related but I think what you want to do is this:
<rewrite>
<rules>
<rule name="redirect" enabled="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^www\.example\.com$" />
</conditions>
<action type="Redirect" url="http://www.example.com/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
Match all urls unless the host name part is exactly www.example.com - and redirect those to www.example.com/whatever.