You do not have to lock down based on windows users/groups. If you are using asp.net membership you could lock those directories based on that. Anyway the rule would look similar to this: <rule name="Block by referrer" patternSyntax="Wildcard"> <match url="*.zip"...

You could certainly create a rule that would reject requests if the referrer is not equial to "login.asp". But this method is not very reliable - is it very easy to write an HTTP client which can set the referrer header to anything it wants, thus bypassing your login page. Have you considered...

Unfortunately, current release of URL rewrite module does not support loops in rules evaluation. So, I guess, hardcoding the specific number is the only way at this point.

I think I know what causes the error. Please try re-ordering the conditions in your rules: <rule name="Add www" stopProcessing="true"> <match url=".*" ignoreCase="true" /> <conditions logicalGrouping="MatchAll"> <add input="...

Ignore my previous post - the SERVER_PROTOCOL cannot be used for this because it contains HTTP/1.1 regardless whether SSL is used or not.

takeos - thanks for your feedback. Below are the answers to your comments. The indexing of the back-references is 0-based with {R:0} or {C:0} being the entire matched string. This is consistent with all regular expression standards. For example in this pattern: ^(www\.)(.*)$ If you try this string: www...

You could capture the scheme by using the {SERVER_PROTOCOL} server variable in condition. This server variable contains the protocol together with version number (e.g. HTTP/1.1), so you would need to have a regex that captures only the protocol part. For example: <add input="{SERVER_PROTOCOL...

You can create a rule that matches the ashx extension and then stops processing: <rule name="Ignore ashx" patternSyntax="Wildcard" stopProcessing="True"> <match url="*.ashx"> <action Type="None"> </rule> Make sure this rule is...

try this: <rule name="Hide svc"> <match url="^photoalbum/([0-9a-zA-Z/]+)$"> <action type="Rewrite" url="photoalbum.svc/{R:1}"> </rule>

Having read the other thread that you referenced, I think what you are trying to do is to configure several web sites like this: Website1 with host header binding as "*.example.com" Website2 with host header binding as "*.example.org" So that if request is for foo.example.com then...