I'm using an SSL certificate and IIS. In my web.config I want to redirect all website traffic in the following order:
all http --> https
all www --> non-www
You want to use the redirect module in order to do this. This intercepts the request as it's coming in to the server and changes it according to your instructions.
Here is an action to redirect all to https:
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
and here is one to redirect www to non-www:
<conditions> <add input=”{HTTP_HOST}” pattern=”^example\.com$” negate=”true” /> </conditions> <action type=”Redirect” url=”http://example.com/{R:1}” />
There are plenty of articles around the web and StackOverflow when you include both "web.config" and "redirect" in your search.
Make sure that when you set up the rules you only use stopProcessing="true" on the final rule. If that appears on the first rule then the second rule will never execute.
i find the answer
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name="NonWwwRedirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www.yoursit\.com$" />
</conditions>
<action type="Redirect" url="http://yoursite.com/{R:1}" />
</rule>
<rule name="Redirect to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
<system.webServer />
Related
I need to avoid the double redirect I have after I created two IIS URL Rewrite rules to do:
1) Redirect www to non-www.
2) Redirect HTTP to HTTPS.
This is my code:
<rule name="Redirect to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
<rule name="CanonicalHostNameRule1" enabled="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^mydomain\.com$" ignoreCase="true" negate="true" />
</conditions>
<action type="Redirect" url="https://ABC/{R:1}" />
</rule>
(ABC is mydomain.com name but I had to change it in order to be able to post the question)
The problem is that if I go to www it does two redirects, one from www to non-www and a second one from http to https.
I also tried having only one rules with both conditions but the result was not better.
Is there a way to only do one redirect?
This is the final configuration I used:
<rewrite>
<rules>
<rule name="Force non-WWW and SSL" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://yourdomainname.com/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
It's only one rule that redirects to non-www and https url.
You should be able to with HTTP to HTTPS, the reverse is trickier depending on your IIS setup.
<rule name="HTTP to HTTPs and www to non-www " enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false">
<add input="{SERVER_PORT}" pattern="^80$" />
<add input="{HTTP_HOST}" pattern="^www\.example\.com$" />
</conditions>
<action type="Redirect" url="https://example.com/{R:1}" />
</rule>
Keep in mind, based on how you have sites structured in IIS (Bindings, sites, etc), it's all going to influence how your rewrite rules work and where your going to place them. At the app level or as a global rule.
Since I don't know how you have your bindings or IIS structured with other sites, It's impossible to write the URL Rewrite rule for you with 100% accuracy.
So you might need to do a little experimentation with the above syntax.
Of course. Just drop these rules instead: (no modification required)
<rule name="Redirect to HTTPS without www" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="^(www\.)?(.*)$" />
</conditions>
<action type="Redirect" url="https://{C:2}/{R:1}" redirectType="Permanent" />
</rule>
<rule name="Special case for HTTPS with www" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="^ON$" />
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
</conditions>
<action type="Redirect" url="https://{C:2}/{R:1}" redirectType="Permanent" />
</rule>
I am using web.config to redirect all HTTP traffic to a HTTPs website
<rule name="Redirect to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
This works just fine.
My client wants me to now redirect a whole load of other non HTTPs .com domains to this HTTPs .co.uk domain.
I found a redirect script:
<rule name="Redirect to www.MYDOMAIN.co.uk" patternSyntax="ECMAScript" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^(www.)?MYOTHERDOMAIN1.(com|org)$" />
<add input="{HTTP_HOST}" pattern="^(www.)?MYOTHERDOMAIN2.(com|net|org)$" />
</conditions>
<action type="Redirect" url="http://www.MYDOMAIN.co.uk/{R:0}" />
</rule>
For the life of me I cannot seem to combine these script into one script that will pick any of his domains and cleanly point them in the direction of the HTTPs .co.uk domain.
Any ideas would be greatly appreciated as regular expressions are not my strong point.
Kind Regards
You can simply add two rules in the order they must process (with only the last rule set to stopProcessing).
<rules>
<clear />
<rule name="domain redirect" stopProcessing="false">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(www.)?EXAMPLE2.(com|net)$" />
</conditions>
<action type="Redirect" url="http://www.EXAMPLE.net{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
My goal is to have rule(s) in IIS/Azure's web.config file to successfully redirect the following client request examples:
HTTPS redirect:
From: example.com
To: https://example.com
No-www & HTTPS redirect:
From: www.example.com
To: https://example.com
No-www, HTTPS redirect & maintain path:
From: www.example.com/examplepage
To: https://example.com/examplepage
Here's what I have so far, which only is achieving point 1 and 2. If a visitor lands directly on a subpage, they aren't redirected to non-www and aren't redirected to HTTPS.
<rule name="Redirect to https">
<match url="(.*)"/>
<conditions>
<add input="{HTTPS}" pattern="Off"/>
<add input="{REQUEST_METHOD}" pattern="^get$|^head$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}"/>
</rule>
<rule name="Canonical Hostname" stopProcessing="false">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
</conditions>
<action type="Redirect" url="https://{C:2}{REQUEST_URI}" redirectType="Permanent" />
</rule>
I've exhausted multiple search result pages and multiple StackOverflow questions without any luck - they all promise to be able to achieve the third point (redirect to a non-www, HTTPS page and maintain the path) but they haven't worked for me.
Thanks for taking the time to read this!
I discovered the problem, which is partly due to the way I presented my question (sorry, StackOverflowers!).
The issue was the ordering of the rules. I've put the following (new) rules at the top of my rules section, in the following order, for those who suffer this problem in the future. Now, it is redirecting to HTTPS, with no-www, and maintaining the path that was requested by the client.
<rule name="Canonical Hostname" stopProcessing="false">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
</conditions>
<action type="Redirect" url="http://{C:2}{REQUEST_URI}" redirectType="Permanent" />
</rule>
<rule name="Force HTTPS" enabled="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
i need to redirect from
www.domain.de to https://domain.de
-works
http://www.domain.de to https://domain.de
-works
http://domain.de to https://domain.de
-does not work
rewrite>
<rules>
<rule name="Imported Rule 1" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_HOST}" pattern="^www\.(.+)$" />
</conditions>
<action type="Redirect" url="https://{C:1}/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
I think this will work for you, the search pattern has the optional www and redirects using the back reference C:2, the rule has a condition to only run against non https.
This is the pattern:
"^(www\.)?(.*)$"
where:
{C:0} - www.domain.de
{C:1} - www.
{C:2} - domain.de
Here's the rule in full:
<rewrite>
<rules>
<rule name="SecureRedirect" stopProcessing="true">
<match url="^(.*)$" />
<conditions>
<add input="{HTTPS}" pattern="off" />
<add input="{HTTP_HOST}" pattern="^(www\.)?(.*)$" />
</conditions>
<action type="Redirect" url="https://{C:2}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
The accepted answer doesn't handle the special case https://www.domain.de.
These rules do the complete job:
<rewrite>
<rules>
<rule name="Redirect to HTTPS without www" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="^(www\.)?(.*)$" />
</conditions>
<action type="Redirect" url="https://{C:2}/{R:1}" redirectType="Permanent" />
</rule>
<rule name="Special case for HTTPS with www" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" pattern="^ON$" />
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
</conditions>
<action type="Redirect" url="https://{C:2}/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
If you want to redirect www to non www:
Add DNS entry for www.yourdomain.com to refer to your server's public IP
Then you need to Edit Bindings of your website and "Add Binding" www.yourdomain.com
Add a rewrite rule to your website using iis:
<rule name="Remove WWW" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions>
<add input="{CACHE_URL}" pattern="*://www.*" />
</conditions>
<action type="Redirect" url="{C:1}://{C:2}" redirectType="Permanent" />
</rule>
Reference: http://madskristensen.net/post/url-rewrite-and-the-www-subdomain
If you want something more flexible than for your three examples, change your HTTP_HOST pattern to : \w+\.\w+$. That would work for all three examples plus anything else, like subdomain.abcdef.domain.de.
If you use this regex either encase it in parenthesis or change C:1 to C:0 in your action.
This is what worked for me:
<rule name="NameRule1" stopProcessing="true" enabled="true" >
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^example\.com$" negate="true" />
</conditions>
<action type="Redirect" url="http://example.com/{R:1}" />
</rule>
I got it from: https://medium.com/iis-and-windows-server/redirect-url-from-www-to-non-www-in-iis7-5-4d2909b9704
Redirecting https://www.example.com to https://example.com I had to do 2 steps
Select the website, click "URL Rewrite" -> Click "Add Rule" -> Choose "Cononcial domain name" -> select your domain (without the www) -> make sure rule is at the top -> highlight the rule and click "Edit" -> and update "Redirect URL" at the end of the rule to include the 's' - https://example.com/{R:1}
I had to also create a new website with the domain www.example.com, new app pool and select the SSL cert and point it to a folder containing the following (for some reason StackOverflow wont display the code I pasted below for the rewrite rule but just google IIS rewrite rule)
After doing both steps only then does it work as desired
Tried many of solutions but below works for me:
Right click on Domain and Add a Site bindings, add one more domain with www:
2. Restart services. it should work.
These rewrite rules matches the following URL's:
www.example.com
http://www.example.com
https://www.example.com
They will all redirect to: https://example.com
These rewrite rules may redirect twice because of the separate rules. (I'm a newbie with regex)
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTPS" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
<rule name="WWW" stopProcessing="true">
<match url="^(.*)$" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
</conditions>
<action type="Redirect" url="https://example.com{PATH_INFO}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
For website security, I would like to redirect a single IP address, or a few IP addresses, to a different domain using web.config. I'm new to this. I know how to limit access or block certain IPs, but is there an easy way to redirect? Thanks!
To redirect certain IP address you will need to use the URL redirect rules engine available for IIS 7
Check this link for instructions on how to redirect by IP address:
https://webmasters.stackexchange.com/questions/31509/web-config-to-redirect-except-some-given-ips
<rewrite>
<rules>
<rule name="Imported Rule 1" stopProcessing="true">
<match url="(.*)$" ignoreCase="false" />
<conditions>
<add input="{REMOTE_HOST}" pattern="^123\.123\.123\.123" ignoreCase="false" negate="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="/coming-soon.html" />
</rule>
</rules>
</rewrite>
Couldn't reply to Victor's comment, so I'll put my edited code here rather than suggest changes.
<rewrite>
<rules>
<rule name="Imported Rule 1" stopProcessing="true">
<match url="(.*)$" ignoreCase="false" />
<conditions>
<add input="{REMOTE_HOST}" pattern="^123\.123\.123\.123" ignoreCase="false" negate="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="http://www.domain-to-redirect-to/coming-soon.html" />
</rule>
</rules>
</rewrite>
The change here is that it's redirecting to a new domain as the asker wanted, rather than to a page on the same domain.
Note that if you want to redirect to coming-soon.html on the same domain, you will need to change your match rule, otherwise you will be put into a redirect loop.
Thus:
<rewrite>
<rules>
<rule name="Imported Rule 1" stopProcessing="true">
<match url="(.*)coming-soon.html$" ignoreCase="false" negate="true" />
<conditions>
<add input="{REMOTE_HOST}" pattern="^123\.123\.123\.123" ignoreCase="false" negate="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="/coming-soon.html" />
</rule>
</rules>
</rewrite>