Redirect all incoming traffic to FQDN with SSL [Answered]RSS

6 replies

Last post Mar 01, 2012 10:12 AM by notaniisguy

  • Redirect all incoming traffic to FQDN with SSL

    Jan 19, 2012 02:08 PM|Hikmer|LINK

    I am struggling to find GOOD documentation on the IIS Rewrite module for soemthign I think should be very simple.  I want to redirect all internal traffic to hostname websites to the FQDN with SSL so the follwoing situations would be handled:

    http://foo/mypage.aspx

    https://foo/mypage.aspx

    http://foo.mydomain.local/mypage.aspx

    All redirect to

    https://foo.mydomain.local/mypage.aspx

    I have written a RegEx experession that parses the HTTP_HOST into several groups and I think this should do the trick.  However it doesn't appear to work (at least reliably) and I cannot figure out how to trace or troubleshoot this...nothing is showing up in the log files even after I enabled tracing.  Any help, hints or suggestions appriciated...also don't ask why I am doing this or why someone would want to do this, etc...

    From what I can tell, I am matching any incoming hostname, using the condition to parse the URL then takign the group variable sto build my final URL.  I cannot find ANY examples of this being done which is a bit frustrating...and the documentation I have read have examples that are too simple to be useful.

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
        <system.webServer>
            <rewrite>
                <rules>
                    <rule name="FQDN" enabled="true" stopProcessing="true">
                        <match url="^(.*)$" />
                        <action type="Redirect" url="https://{C:1}.mydomain.local{R:1}" />
                        <conditions trackAllCaptures="true">
                            <add input="{HTTP_HOST}" pattern="([^./]*)([^/]*)(.*)" />
                        </conditions>
                    </rule>
                </rules>
            </rewrite>
        </system.webServer>
    </configuration>
     

  • Re: Redirect all incoming traffic to FQDN with SSL

    Jan 26, 2012 12:31 AM|Lloydz|LINK

    Hi,

    Actually, the pattern you use will cause a redirection loop. According to your description, I suggest you use separate rules for this task, one rule to redirect all internal traffic to FQDN with https, another redirect all http requests with FQDN to https. The rules will look like:

    <rewrite>
      <rules>
        <rule name="Redirect2FQDN" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{HTTP_HOST}" pattern="^([^\.]+)$" />
          </conditions>
          <action type="Redirect" url="https://{HTTP_HOST}.mydomain.local/{R:0}" />
        </rule>
        <rule name="RedirectToHTTPS" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{HTTPS}" pattern="^OFF$" />
          </conditions>
          <action type="Redirect" url="https://{HTTP_HOST}/{R:0}" />
        </rule>
      </rules>
    </rewrite>

    Let me know if this work for you, thanks.

  • Re: Redirect all incoming traffic to FQDN with SSL

    Jan 26, 2012 12:37 AM|Hikmer|LINK

     Yes thanks I figured this out...but after lots of time spent...wish the documentation was better. 

  • Re: Redirect all incoming traffic to FQDN with SSL

    Jan 30, 2012 05:16 PM|notaniisguy|LINK

    hikmer,

    How did you end up resolving this? I need to do basically the same thing. I have one rule working that redirects anything requested http to https://foo.mydomain.local

    <rule name="HTTPS redirect" stopProcessing="true">
       <match url="(.*)" />
        <conditions logicalGrouping="MatchAny" trackAllCaptures="false">
            <add input="{HTTPS}" pattern="OFF" />
        </conditions>
       <action type="Redirect" url="https://foo.mydomain.local/{REQUEST_URI}" redirectType="SeeOther" />
    </rule>

    I'm still trying to write another rule that will just replace the hostname with the fqdn so if the request looks like https://foo/mypage.htm it will redirect to https://foo.mydomain.local/mypage.htm

    I've tried Lloydz' example and a few others with no luck.

  • Re: Redirect all incoming traffic to FQDN with SSL

    Jan 30, 2012 05:29 PM|Hikmer|LINK

    You need two rules, one to check if the site is already Fully Qualified and another if it isn't SSL.  This should work...one month of struggles...there ought to be better documentation for this on the MS rewrite site.

    <rule name="Hostname to FQDN" stopProcessing="true">
                        <match url="^(.*)$" />
                        <conditions>
                            <add input="{HTTP_HOST}" pattern="^.*\.foo\.mydomain\.local$" negate="true" />
                        </conditions>
                        <action type="Redirect" url="https://{HTTP_HOST}.foo.mydomain.local/{R:1}" />
                    </rule>
                    <rule name="FQDN to SSL" stopProcessing="true">
                        <match url="^(.*)$" />
                        <conditions>
                            <add input="{HTTPS}" pattern="^OFF$" />
                        </conditions>
                        <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
                    </rule>

     

  • Re: Redirect all incoming traffic to FQDN with SSL

    Feb 29, 2012 07:46 PM|notaniisguy|LINK

    Thanks for the reply hikmer. I didn't get the notification before and only found this by accident while looking for a solution to a new issue.

    This issue I have now is much more of a show stopper. The https redirect rule that I have working is doubling up .aspx query strings on links. Everything else works fine, but if there is a query string on the end of the link that part of the url gets doubled and the resulting page url errors out.

     

  • Re: Redirect all incoming traffic to FQDN with SSL

    Mar 01, 2012 10:12 AM|notaniisguy|LINK

    Too funny :) I just got an email letting me know that I posted to this thread yesterday. It would be nice if that happened when someone else did :)