Parts of other answers on Stack Overflow worked, other parts didn't, so I thought I would ask for the full solution including IIS settings re bindings.
I have a site (old ASP classic) that is being moved to IIS 8 (2012).
The site works when testing it from my hosts file.
At the moment I can only get it to redirect http to https not non www requests to www.example.com as well.
So I have 2 bindings in IIS (80/433) for www.example.com, I also tried it with another set without the www. e.g example.com but then I got errors such as the system is trying to process your request in such a way it won't return e.g following redirects around in a circle etc.
I am not so sure if that was about the 2 lots of bindings or the rules it was getting a bit messy then. So I need the whole approach from IIS binding setup and web.config rules (or is there a better way in IIS 8 to force all 80 traffic to port 443?)
I already have a number of ISAPI rules in my web.config file such as
<rule name="Order" stopProcessing="false">
<match url="^applications/order/?$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Rewrite" url="plugins/order.asp" />
</rule>
<rule name="Robots 1" stopProcessing="false">
<match url="^robotstxt\.asp$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Rewrite" url="robottxt.asp" />
</rule>
<rule name="Robots 2" stopProcessing="false">
<match url="^robotstxt$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Rewrite" url="robottxt.asp" />
</rule>
So when I read up I saw about people trying to to do both rules at once or in two sets but it just never managed to work foe me.
I need non http requests to go to https
and for non www requests to go to www.example.com e.g https://www.example.com
At the moment it's partially working but only because I am not trying the non www. redirects.
I have 2 bindings for the www.example.com hostnames and this one rule at the top.
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
</rule>
So all the rules are working including the http to https. However I need non www rules to work as well.
To get it to keep the rest of my rules AND to get it to ALSO redirect non www. traffic to www.example.com e.g https://www.example.com. What is the best way to do this.
Do I need another pair of bindings set up without www. e.s example.com for 80/443?
Then, what rules do I add in and what order do they need to be as int .htacces they are processed top to bottom in loops an I just wonder with IIS way there is also a logical path that could trip it over causing infinite loops.
I think adding the include is what I would do if you needed to get on top of this very quickly. Use a search and replace program to add the include tag into all of your pages:
<!--#include file="redirect.asp"-->
Then create the "redirect.asp" with something similar to below:
<%
webDomain=LCase(Request.ServerVariables("HTTP_HOST"))
scriptname=Request.ServerVariables("SCRIPT_NAME")
If InStr(webDomain,"https://www.example.com")=0 Then
Response.Status="301 Moved Permanently"
Response.AddHeader "Location", "https://www.example.com" & scriptname
End If
%>
You may need to tweak that a bit but its the basics of a coded redirect anyway.
Related
I am attempting to create a redirect rule to direct all traffic to one of my pages on my old site to my new site. I have created this rules in the parent web.config on my old IIS server:
<rule name="redirect to survey domain" stopProcessing="true">
<match url="takesurvey" />
<conditions>
<add input="{HTTPS}" pattern="^emory.zanek.net$" />
</conditions>
<action type="Redirect" url="https://survey.zanek.net/{R:1}" redirectType="Temporary" />
</rule>
Essentially I want to redirect all traffic for the specific page takesurvey to a new survey domain. So if the user navigates to:
https://emory.zanek.net/goalw4/takesurvey.aspx?id=fasidisdf
it should redirect to:
https://survey.zanek.net?id=fasidisdf
However, When I applied the rule, and then I navigate to https://emory.zanek.net/goalw4/takesurvey.aspx?id=fasidisdf, it just hangs forever. What am I missing here?
You are specifying {HTTP_HOST} but both of your URLs are HTTPS which operates on a different TCP protocol.
For your simple scenario I would just change {HTTP_HOST} to {HTTPS} in your input line.
For more information about this and robust ways to implement more complex/multiple cross types, see the link below.
Web config rewrite HTTPS
I am getting 404 when trying to access domain like https://www.example.com I get 404.
I have the following rewrite rules:
<rules>
<rule name="Redirect-HTTP-HTTPS-IIS">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
<rule name="CanonicalHostNameRule1">
<match url="(.*)"/>
<conditions>
<add input="{HTTP_HOST}" pattern="^example\.com$" negate="true"/>
</conditions>
<action type="Redirect" url="https://example.com/{R:1}"/>
</rule>
</rules>
Accessing https://www.example.com will get eventually to https://example.com. My problem is that some serves like Google webmaster tools validation can't verify the site because the page returns not found, although at the end it redirects to https://example.com.
http://example.com does show 301 redirect to https://example.com. It's only when I add www it doesn't show 301 redirect, although the server doe eventually redirects it to the right location.
How changes to the write rules I need to make so accessing https://www.example.com will be recognize as 301 redirect to https://example.com. I think that because of the multiple rules the page send not found.
Maybe there is a way to write it as a single rule that redirects 301 that includes both rules, so it will redirect URLs with HTTP or/and WWW to the one with HTTPS and non-WWW URLs.
Update: I inspected chrome Network and in the Status column, it say (canceled) for type Document and it shown on red. It might be due to IIS returning 404 because the HTTPS for domain with WWW is not certified. Is there any way around this?
Using IIS8.5 / ASP.NET 4.5
Thanks.
I needed to create an SSL certificate for the WWW version of the site as well. Once I did it, the redirection worked as intended.
I have multiple domains pointing to one hosting location.
I wish to establish one of the domains as my main domain and therefore I wish to perform a 301 redirect to this main domain whenever a user accesses my site from a secondary domain.
For example:
www.example.com
This is my main domain. I want all other domains associated with my site to redirect to here.
If a user comes in on:
www.test.com or
www.test.com/anypage
etc.
Then I want the user to be redirected to the example version of that page.
How do I do this using the web.Config file of my application? The reason I ask is that usually my web hosting provider has a tool in their back office that allows me to setup this redirect however, our client has opted for a different hosting provider that do not provide such a tool.
I have attempted to do this redirect using the following code but it doesn't seem to work:
<rule name="Canonical Host Name" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^test\.com$" />
</conditions>
<action type="Redirect" url="http://www.example.com/{R:1}}" redirectType="Permanent" />
</rule>
My application is an Umbraco powered site and so has several system.webServer entries in the web.config file. It may just be the case that I have entered this code in the wrong place but any help here would be greatly appreciated as I am only used to doing 301 redirects in .htaccess files.
This is not really that umbraco related but I think what you want to do is this:
<rewrite>
<rules>
<rule name="redirect" enabled="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" negate="true" pattern="^www\.example\.com$" />
</conditions>
<action type="Redirect" url="http://www.example.com/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
Match all urls unless the host name part is exactly www.example.com - and redirect those to www.example.com/whatever.
I'm trying to block spam referer domains with web.config. I have it (mostly) working.
Here's the code I'm using:
<rule name="abort referer spam requests" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_REFERER}" pattern="(semalt\.com|Darodar\.com|Priceg\.com|7makemoneyonline\.com|Buttons\-for\-website\.com|Ilovevitaly\.com|Blackhatworth\.com|Econom\.co|Iskalko\.ru|Lomb\.co|Lombia\.co|hulfingtonpost\.com|cenoval\.ru|bestwebsitesawards\.com|o\-o\-6\-o\-o\.com|humanorightswatch\.org|forum20\.smailik\.org|myftpupload\.com|prodvigator\.ua|best\-seo\-solution\.com|Buttons\-for\-your\-website\.com|Buy\-cheap\-online\.info|offers\.bycontext\.com|website\-errors\-scanner\.com|webmaster\-traffic\.com|guardlink\.org|www\.event\-tracking\.com|trafficmonetize\.org|traffic\-paradise\.org|simple\-share\-buttons\.com|sharebutton\.org|s\.click\.aliexpress\.com|social\-buttons\.com|site12\.social\-buttons\.com|anticrawler\.org|adcash\.com|adviceforum\.info|cenokos\.ru|cityadspix\.com|edakgfvwql\.ru|gobongo\.info|kambasoft\.com|luxup\.ru|4webmasters\.org|get\-free\-traffic\-now\.com|Best\-seo\-offer\.com|Theguardlan\.com|www1\.social\-buttons\.com|netvibes\.com|webcrawler\.com|www\.get\-free\-traffic\-now\.com|sanjosestartups\.com|100dollars\-seo\.com|resellerclub\.com|savetubevideo\.com|screentoolkit\.com|seoexperimenty\.ru|slftsdybbg\.ru|socialseet\.ru|superiends\.org|vodkoved\.ru|websocial\.me|ykecwqlixx\.ru|76brighton\.co\.uk|paparazzistudios\.com\.au|powitania\.pl|sharebutton\.net|tasteidea\.com|descargar\-musica\-gratis\.net|torontoplumbinggroup\.com|cyprusbuyproperties\.com|ranksonic\.org|Googlsucks\.com|free\-share\-buttons\.com|securesuite\.co\.uk|securesuite\.net|www3\.free\-social\-buttons\.com|free\-social\-buttons\.com|sitevaluation\.org|howtostopreferralspam\.eu|symbaloo\.com|acads\.net|addons\.mozilla\.org\/en\-US\/firefox\/addon\/ilovevitaly\/|aliexpress\.com|anal\-acrobats\.hol\.es|brakehawk\.com|domination\.ml|event\-tracking\.com|forum69\.info|ilovevitaly\.co|ilovevitaly\.ru|iminent\.com|kabbalah\-red\-bracelets\.com|makemoneyonline\.com|masterseek\.com|o\-o\-6\-o\-o\.ru|o\-o\-8\-o\-o\.ru|ok\.ru|pornhub\-forum\.ga|pornhub\-forum\.uni\.me|prlog\.ru|ranksonic\.info|rapidgator\-porn\.ga|sexyteens\.hol\.es|smailik\.org|youporn\-forum\.ga|youporn\-forum\.uni\.me|.*monetiz.*|semaltmedia\.com)" />
</conditions>
<action type="AbortRequest" />
</rule>
It is blocking all the domains except webmonetizer.net.
my question:
How is webmonetizer.net getting through? In the code above I've included
.*monetiz.*
I've tested this in fiddler too, and it's being blocked. It gets a 504 response when I test my site (www.myirelandtour.com), so I thought that would have stopped it?
User-Agent: Fiddler
Referer: webmonetizer.net
Host: www.myirelandtour.com
I'm still seeing webmonetizer.net as a referer in my google analytics, any ideas why or how to stop that? Thanks!
Most of the spammers in Google Analytics never access your site so any server solution like web.config or the htaccess file won't work
This type of spam is known as Ghost because it never reaches your site, the only way to stop it is by using filters in GA.
You may get confused and think the web.config rules block it because Ghost spam usually shows only for a few days. Sometimes it comes back sometimes it doesn't.
The other type of spam "Crawlers" can be blocked from there, but there are just a few of them compared to the Ghosts, from your list only semalt, buttons-for-website and few more.
You can find a guide to create the filters and more information on this related answers
https://stackoverflow.com/a/28354319/3197362
https://webmasters.stackexchange.com/a/80927/49561
Hope it helps,
I use the following code in my web.config (well I imported my .htaccess file into a Windows server, and it converted it to this):
<rule name="Imported Rule 1">
<match url=".*" ignoreCase="false" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_REFERER}" pattern="^http://.*semalt\.com" />
<add input="{HTTP_REFERER}" pattern="^http://.*buttons-for-website\.com" />
<add input="{HTTP_REFERER}" pattern="^http://.*7makemoneyonline\.com" />
<add input="{HTTP_REFERER}" pattern="^http://.*webmonetizer\.net" />
</conditions>
<action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
I did this in January, and the referers still don't show up in Google Analytics.
I have an ASP.NET MVC app with the following deployment requirements:
The URL structure must be something like:
http://server/app/[enterprise]/[communinty]/{controller}/{action}/...
What I think I want to be able to do is intercept the URL before the MVC route handler gets its hands on it, remove the [enterprise]/[community] parts, and then allow MVC to continue processing as if the original URL had not contained those two segments.
Here's why:
The application exposes multiple portals to multiple customers (enterprises), and each community within an enterprise has its own user population. This kind of scheme could also be served by physically deploying one application instance (binaries,content,web.config) into each [community] directory, but for logistical and performance reasons, I don't think we want to go down this path. So I'm trying to virtualize it through routing tricks.
Any suggestions on how to go about this scheme, or alternate solutions would be appreciated.
We are on IIS 7, if that makes any difference.
You can use the following route before the default route
routes.MapRoute(
null,
"{enterprise}/{community}/{controller}/{action}/{id}",
new { controller = "Home", action = "Index", id = UrlParameter.Optional }
);
You can then ignore {enterprise} and {community} parameters in your action methods.
Here is a possible solution with IIS Rewrite module. It may not be the best approach, but it may work. Is there an easier/better option within the MVC routing? Not sure. Only just started doing that myself.
Using "http://server.com/app/enterprise/community/controller/action/" as an example.
What happens:
Strips the string out of the URL. New
URL:
http://server.com/controller/action/
Redirects the user to new URL. User's
browser now shows:
http://server.com/controller/action/
Takes the new URL and tries to
rebuild it to grab the correct
content. User's browser shows:
http://server.com/controller/action/ ;
IIS returns:
http://server.com/app/enterprise/community/controller/action/
All of this would be in the web.config once the IIS rewrite module is installed:
<rewrite>
<rules>
<clear />
<rule name="Redirect to remove Offending String" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="server.com/app/enterprise/community*" />
<action type="Redirect" url="/{R:1}" />
<conditions logicalGrouping="MatchAll">
<add input="{SERVER_NAME}" pattern="*server.com*" />
</conditions>
</rule>
<rule name="Rewrite to get Original Content" enabled="true" patternSyntax="Wildcard" stopProcessing="false">
<match url="*" />
<conditions logicalGrouping="MatchAll">
<add input="{SERVER_NAME}" pattern="*server.com*" />
</conditions>
<action type="Rewrite" url="app/enterprise/community{R:1}" />
</rule>
</rules>
</rewrite>
Note: Just did this quick, haven't tested.