We all know that URL Rewrite module of IIS allows us to easily build powerful rules using rewrite providers written in .NET, regular expression pattern matching, and wildcard mapping to examine information in both URLs and other HTTP headers and IIS server variables. Rules can be written to generate URLs that can be easier for users to remember, simple for search engines to index, and allow URLs to follow a consistent and canonical host name format. URL Rewrite further simplifies the rule creation process with support for content rewriting, rule templates, rewrite maps, rule validation, and import of existing mod_rewrite rules.
The most common usage of URL Rewrite are:
- Http To Https Redirection
- Reverse Proxy to another site/server
Http To Https Redirection
When a site requiring SSL is accessed via a non-secure HTTP connection, IIS responds with an HTTP 403 (Unauthorized) status code. This might be acceptable if you always expect the end users to type “https://…” in their browser’s address bar. However, for better discoverability and user-friendliness, you likely don’t want to return 403 responses to end users using an unsecured HTTP connection. Instead, you should redirect them to the secure version of the URL they requested. For example, if you visit http://amazon.com, you’ll be redirected to https://amazon.com.
Since URL rewrite is an out of band extension ,you need to first install the module into your machine. Once installed,
Open IIS Manager.
Select your site.
Double-click the URL Rewrite feature in the middle pane.
In the Actions pane, click Add Rules.
In the Add Rules dialog:
Select Blank Rule under Inbound Rules.
Click OK.
Configure the Rule
Name the rule (e.g., RedirectHttpToHttps).
Under Conditions, click Add... to create a condition:
Condition Input: Select {HTTPS} from the dropdown.
Check if input string: Select Matches the Pattern.
Pattern: Enter ^OFF$.
Click OK to save the condition.
Under Action:
Action Type: Select Redirect.
Redirect URL: Enter https://{HTTP_HOST}/{R:1}.
Redirect Type: Select Permanent (301).
Click Apply in the Actions pane.
Alternatively, if you prefer to update the configuration manually, edit the site’s web.config file to include the following rule:
<rewrite>
<rules>
<rule name="RedirectHttpToHttps" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
To make this rule work within the same website, you need to disable the “Require SSL” checkbox. If you prefer not to do that, you can create two websites in IIS—one with HTTP binding and another with HTTPS binding—and then add this rule to the web.config file of the site with HTTP binding.
Reverse Proxy to another site/server
To perform Reverse Proxy to another site/server, along with Url rewrite we need to use the feature called ARR of IIS Application Request Routing and make sure you are downloading it first into your machine.
For example, you have an intranet web server and you want to expose its content over internet. To enable that you will need to perform the following configuration steps on the server that will act as a proxy:
Step1: Check the “Enable proxy” checkbox located in Application Request Routing feature view in IIS Manager.
Step2: Add the following rule to the web site that will be used to proxy HTTP requests:
<rule name="ReverseProxy">
<match url="(.*)" />
<action type="Rewrite" url="http://backendhostname/{R:1}" />
</rule>
Note the http:// prefix in the rewrite rule action. That is what indicates that this request must be proxy ’ed, instead of being rewritten. When rule has “Rewrite” action with the URL that contains the protocol prefix, then URL Rewrite Module will not perform its standard URL rewriting logic. Instead, it will pass the request to Application Request Routing module, which will proxy that request to the URL specified in the rule.
Hope this helps!
Published Nov 16, 2024
Version 1.0
Archi_Chakraborty
Microsoft
Microsoft
