Rewrite rule to HTTPS except when on localhost - regex

I am using the answer given here as the basis for trying to add a rewrite rule to my web.config file. I want it to match any url that is not running on localhost in order to force https.
Here is what I have right now:
<system.webServer>
<rewrite> <!-- force https - https://stackoverflow.com/a/15119044/51 -->
<rules>
<rule name="Redirect HTTP to HTTPS" stopProcessing="true">
<match url="^((?!localhost).)*$"/>
<conditions>
<add input="{HTTPS}" pattern="^OFF$"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther"/>
</rule>
</rules>
</rewrite>
</system.webServer>
I am trying to use a negative lookaround in order to only match url's that do not include "localhost" within the url. But this is not working.
So how should this rule be set up in order to only rewrite non-localhost url's?

Try this condition:
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" stopProcessing="true">
<match url="^(.*)$"/>
<conditions>
<add input="{HTTPS}" pattern="^OFF$"/>
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^localhost$" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther"/>
</rule>
</rules>
</rewrite>
</system.webServer>
Using a negate condition against the localhost pattern should do the trick.

Adding to anubhava's answer, you can replace the add element for localhost with the following 2 entries to cater for both localhost and 127.0.0.1 with optional ports e.g localhost:59400 which is the case when debugging through visual studio and IIS
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^localhost(:\d+)?$" negate="true" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^127\.0\.0\.1(:\d+)?$" negate="true" />
With the original answer, localhost:123 would be redirected to https which may not be desirable.

Regular expression updated, this works for me, with a custom Port
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="(localhost)(:\d+)" negate="true" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="(127.0.0.1)(:\d+)" negate="true" />

Related

IIS rewrite rule not working in live environment

I have 4 servers in azure, 3 are load balanced and the 4th is for CMS purposes only.
SSL certificate has been added for the main website, but not for the sobdomain that the CMS is on.
I wrote a rule that should find any url that doesnt contain "backoffice" and match any other page to change it to https.
This works on regexr.com but for some reason doesnt work
<rewrite>
<rules>
<rule name="http to https" stopProcessing="true">
<match url="(https?:\/\/(?!backoffice).*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://www.WEBSITENAME.com{R:1}" />
</rule>
</rules>
</rewrite>
Url Rewriting 2.1 is installed on all 4 servers and i have created a load balance set in azure for https.
going to https manually works fine (along with loadbalancing).
Additional information:
I've tried many rules, including the existing answer. I can see things happening, like assets being brought in as https, but the page itself does not redirect.
There are 2 load balance sets, one for port 80 and the other for port 443. I don't know if this is corect, or could be a potential cause in the redirect not happening.
Your rule should be like that:
<rule name="http to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{REQUEST_URI}" pattern="/backoffice" negate="true" />
</conditions>
<action type="Redirect" url="https://www.WEBSITENAME.com{R:0}" />
</rule>
This rule will exclude requests with /backoffice path.
Also for issue of mixing content you need to fix your paths for css/js/images to relatives. Example:
<img src="/path/to/your/image.jpg"/>
Another way to fix mixed content is create outbound rule, which will change your output HTML (replace http: to https:):
<rewrite>
...
<outboundRules>
<rule name="Rewrite external references to use HTTPS" preCondition="IsHTML">
<match filterByTags="Script, Link, Img, CustomTags" customTags="HTML5Tags" pattern="^http://(.*)$" />
<action type="Rewrite" value="https://{R:1}" />
</rule>
<preConditions>
<preCondition name="IsHTML">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
<customTags>
<tags name="HTML5Tags">
<tag name="Video" attribute="src" />
</tags>
</customTags>
</outboundRules>
</rewrite>
Using the previous answer as a starting point, i made a few minor changes, to use HTTP_HOST rather than REQUEST_URI for the pattern negation and it works.
<system.webServer>
<rewrite xdt:Transform="InsertIfMissing">
<rules>
<rule name="http to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="^backoffice\.WEBSITENAME\.com$" negate="true" />
</conditions>
<action type="Redirect" url="https://www.WEBSITENAME.com/{R:0}" />
</rule>
</rules>
</rewrite>
</system.webServer>

Rule not working in rewrite rules despite valid regex

Our webconfig file uses Url Rewrite, essentially pushing any http traffic to https
This works fine other than developing locally. For a while we have to simply remember to comment out the code from the web.config and uncomment it again for commit. Naturally this isn't a good way to work.
The code is simple
<rewrite>
<rules>
<rule name="Redirect-AllWWW-ToSecureNonWWW">
<match url="^((?!local).)*$" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(?:www\.)(.+)$" />
</conditions>
<action type="Redirect" url="https://{C:1}/{R:0}"/>
</rule>
<rule name="Redirect-AllNonSecure-ToSecureNonWWW-ExcludingLocalhost">
<match url="^((?!local).)*$" />
<conditions>
<add input="{HTTP_HOST}" pattern="^localhost$" negate="true" />
<add input="{HTTPS}" pattern="^off$" />
<add input="{HTTP_HOST}" pattern="^(?:www\.)?(.+)" />
</conditions>
<action type="Redirect" url="https://{C:1}/{R:0}" />
</rule>
</rules>
</rewrite>
And as per the regex101 , it works!
https://regex101.com/r/3Mz6w1/1
However, when on localhost, I am still directed to HTTPS
Why does it work in regex101 and not in my web.config file
This seems to be related to Redirect rule not working
quote from URL Rewrite Module Configuration Reference
A rewrite rule pattern is used to specify a pattern to which the current URL path is compared.
...
A pattern is specified within a <match> element of a rewrite rule.
According to this piece of official information, you must be sure that <match url compares only with URL paths which never contain host names, not the entire URL.
For Url Rewrite Module, URL path of this question is questions/44944175/rule-not-working-in-rewrite-rules-despite-valid-regex for example. No stackoverflow.com no https:// no query strings but only the path without leading slash.
To ignore requests for host names containing local you need some conditions looking for a local match with HTTP_HOST header.
<rewrite>
<rules>
<rule name="Redirect-AllWWW-ToSecureNonWWW" stopProcessing="true">
<match url=".*" />
<conditions>
<!-- continue if http host name does not contain "local" -->
<add input="{HTTP_HOST}" pattern="local" negate="true" />
<add input="{HTTP_HOST}" pattern="^(?:www\.)(.+)$" />
</conditions>
<action type="Redirect" url="https://{C:1}/{R:0}" />
</rule>
<rule name="Redirect-AllNonSecure-ToSecureNonWWW-ExcludingLocalhost" stopProcessing="true">
<match url=".*" />
<conditions>
<!-- continue if http host name does not contain "local" -->
<add input="{HTTP_HOST}" pattern="local" negate="true" />
<add input="{HTTPS}" pattern="^off$" />
<add input="{HTTP_HOST}" pattern="^(?:www\.)?(.+)" />
</conditions>
<action type="Redirect" url="https://{C:1}/{R:0}" />
</rule>
</rules>
</rewrite>

IIS redirect with regex [duplicate]

Whenever someone makes request over HTTP protocol I rewrite the url to make it HTTPS. This is the code in web.config:
<rule name="Imported Rule 1-1" enabled="true" stopProcessing="true">
<match url="^(?!https://).*" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{SERVER_PORT}" pattern="80" ignoreCase="false" />
</conditions>
<action type="Rewrite" url="https://abc.com/{R:1}" />
</rule>
However when I browse on http:// I get IIS error
HTTP Error 500.50 - URL Rewrite Module Error. The expression "https://abc.com/{R:1}" cannot be expanded.
How can I resolve this? I am utterly confused.
The matches are zero based.
<action type="Rewrite" url="https://abc.com/{R:1}" />
Won't work because you only have one match. You need:
<action type="Rewrite" url="https://abc.com/{R:0}" />
Also, this won't work, because you can only match on the path below the site root.
<match url="^(?!https://).*" ignoreCase="false" />
It looks like you are checking for ssl. Try this instead:
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
You can redirect through web config to
Hope it will help full
<rule name="Redirect to WWW" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="^abc.com$" />
</conditions>
<action type="Redirect" url="http://www.abc.com/{R:0}" redirectType="Permanent" />
</rule>

Web.config rewrite module

I am trying to figure out how to add a rule to my web.config so it detects any link that has anything in the url beyond the .com portion - and then does not process the next input condition which detects if the device is mobile and then redirects to m.mysite.com.
For example here are some example cases I would want it to skip over the mobile redirect:
If a incoming link is www.mysite.com/coupon/etc
If a incoming link is www.mysite.com?c=1
I do want it to redirect to the mobile site in all cases where its just the base domain of www.mysite.com or mysite.com.
Here is my current web.config rewrite section.
<rewrite>
<rules>
<rule name="MobileRedirect" patternSyntax="ECMAScript" stopProcessing="true">
<match url=".*" ignoreCase="true"/>
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_COOKIE}" pattern="persistdesktop=1" ignoreCase="true" negate="true"/>
<add input="{HTTP_USER_AGENT}" pattern="android|blackberry|googlebot-mobile|iemobile|iphone|ipod|opera mobile|palmos|webos"/>
</conditions>
<action type="Redirect" url="http://m.mysite.com" appendQueryString="false" redirectType="Found"/>
</rule>
</rules>
So my best guess is that I need to add another condition above the other two. And then do I change the conditions logicalGrouping parameter to MatchAny? Or do I create another rule above this existing rule?
Thanks!
You haven't set the ignoreCase attribute value to true for HTTP_USER_AGENT. The match URL pattern and the Query string pattern need some changes.
Change the rewrite configuration to:
<rewrite>
<rules>
<rule name="MobileRedirect" stopProcessing="true">
<match url="^$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTP_COOKIE}" pattern="persistdesktop=1" negate="true" />
<add input="{HTTP_USER_AGENT}" pattern="android|blackberry|googlebot-mobile|iemobile|iphone|ipod|opera" ignoreCase="true"/>
<add input="{QUERY_STRING}" pattern="^$"/>
</conditions>
<action type="Redirect" url="http://m.mysite.com" redirectType="Found" />
</rule>
</rules>
</rewrite>

IIS 7 Redirect using regular expression

We currently have a wordpress blog running under a sub domain http:// blog.domain.com. That site is also currently running via reverse proxy as http:// www.domain.com/blog that points to the original subdomain site.
Currently both sites are running correctly but the issue we have is that we want the sub domain site to redirect to the reversed proxy site and not render. We only want the site to render as http:// www.domain.com/blog. I have been attempting to use the URL Rewrite in IIS 7 on a server 2008 machine.
I think the issue I am having is with the regular expression. I tried using -- ^(blog.)* -- and when I test it in IIS it returns that it matches (blog.domainname.com) but the site itself does not redirect when I open it in a browser. I'm not sure what I am missing. Thanks in advance for your help.
<rewrite>
<rules>
<rule name="Main Rule" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="index.php" /></rule>
<rule name="wordpress" patternSyntax="Wildcard">
<match url="*" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="index.php" /> </rule>
<rule name="redirect to /blog" enabled="false" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^(blog.)*" />
<action type="Redirect" url="http:// www.domainname.com/blog" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="(.*)" />
</conditions>
</rule>
</rules>
</rewrite>
The problem is probably that your rewrite rules are not running when you hit that URL.
Make sure that it's actually mapped to that site.
Sorry, I just noticed that your rule is not enabled:
<rule name="redirect to /blog" enabled="false" patternSyntax="ECMAScript" stopProcessing="true">
You'd have to modify the enabled attribute to True.