IIS Support Blog

5 MIN READ

URL Rewrite- Part 2(Inbound Rules)

Jawahar Ganesh S

Microsoft

Feb 16, 2019

Why URL Rewrite?

Define powerful rules to transform complex URLs into simple and consistent Web addresses

http://Chiranth.com/get/ppt.aspx?author=Chiranth&topic=urlrewrite vs http://Chiranth.com/get/ppt/author/Chiranth/urlrewrite

2. Preventing hot-linking

3. Search engine friendly URLs

Enforce http://www.mysite.com instead of http://mysite.com

Why do we need inbound rules?

If we need to modify the incoming request uri or request headers before the request is handed over to the execution engine in IIS we can make use of URL Rewrite inbound rules.

How to create an inbound rule:

Over here we will be discussing the use of URL rewrite inbound rules independent of ARR. To create an inbound rule, click on the website->go to urlrewrite->add rule(s)->Blank rule under Inbound rules.

Important Sections in an Inbound rule:

• Pattern

• Conditions

• Server Variables

• Action Type- Rewrite, Redirect, abort, Custom Response, None

Mapping parts of an URL to sections in Inbound rule:

Creating sample URL Rewrite Inbound rules:

Scenario 1:

We want to redirect all the requests coming in over http to https.

For eg: I want to redirect requests coming in as http://contoso.com to https://contoso.com . also even if the request comes in as http://contoso.com/myapp/a.aspx this should also be redirected to https://contoso.com/myapp/a.aspx

Over here the pattern will be .* as we want to match and store the value of the uri present in the URL after the hostname. That is over here in our example .* matches with myapp/a.aspx.

Also note that pattern section expressions after match will be stored in {R:x} variable series where x is integer.

Also we want to make sure that this rule executes only when the request comes in over http or else we might end up in an infinite loop.

So add a condition stating that {HTTPS} is OFF.

And Action type will be redirect.

Action URL will be https://contoso.com/{R:0}

Below is how the rule will look like in the UI

Note: {R:0} will contain the whole pattern matched. You can also store sub-strings in different {R:x} variable series by specifying the specific patterns within braces. For example input string is myapp/a.aspx and pattern is myapp/(.*) then {R:0} will contain the value myapp/a.aspx and {R:1} will contain a.aspx.

Below is how the rule will look like in the web.config of your site.

<rule name="httpsredirect" enabled="false" patternSyntax="ECMAScript" stopProcessing="true">

<match url=".*" />

<conditions logicalGrouping="MatchAll" trackAllCaptures="false">

<add input="{HTTPS}" pattern="OFF" />

</conditions>

<action type="Redirect" url="https://contoso.com/{R:0}" />

</rule>

Scenario 2:

Previous example talks about a url rewrite rule redirecting the request. Let’s consider a scenario where we can rewrite the requests.

Consider a scenario where we have 2 pages a.aspx and b.aspx under the site contoso.com and we want the requests coming in for a.aspx should be rewritten to b.aspx (http://contosso.com/a.aspx->http://contosso.com/b.aspx). Note that only server knows over here that the resource has been changed to b.aspx and the client doesn’t know about it so the url won’t change and it will remain as http://contosso.com/a.aspx in IE.

Note: when you are rewriting the requests using urlrewrite without ARR we need to keep in mind that we can’t change the protocol of the request or the hostname part of it. We can only change the request headers and the request uri or pattern section.

For eg: in http://contoso.com/app_path/....., only highlighted part can be modified.

Solution: to achieve the above requirement, create a rewrite inbound rule at the site level.

Over here we need to have a pattern which matches with a.aspx so the pattern section starts and ends with a.aspx. So pattern would be ^a.aspx$.

Note: go through the previous blog for info on regular expression http://blogs.msdn.com/b/chiranth/archive/2014/06/10/url-rewrite-part-1-prerequisites.aspx

If you want you can add a condition stating the this rule can be only executed when the hostname in the URL is contoso.com by adding a condition for {HTTP_HOST} matching contoso.com

Action type would be Rewrite

Rewrite URL would be b.aspx

In rewrite url we can only modify the URI part of the url as I had previously mentioned when we use rewrite without ARR.

Below is how the rule looks like in IIS UI.

Below is how the rule will look like in the web.config of your site.

<rule name="normalrewrite" enabled="false" patternSyntax="ECMAScript">

<match url="^a.aspx$" negate="false" />

<conditions>

<add input="{HTTP_HOST}" pattern="contoso.com" />

</conditions>

<action type="Rewrite" url="b.aspx" />

</rule>

Scenario 3:

Imagine you had a site contoso.com and an application called oldsiteroot under the site, you have migrated the application from old server to new server and instead of placing the content by creating the application oldsiteroot, you have placed the content directly under the site. The users who have no idea will still be accessing the site as http://contoso.com/oldsiteroot/(contentpath) but now in the new server content location is http://contoso.com/(contentpath)

So the requests coming in as http://contoso.com/oldsiteroot/(contentpath) should be rewritten to http://contoso.com/(contentpath)

So over here pattern should match to the URI containing oldsiteroot and the resource location, also we need to exclude the ‘oldsiteroot’ and store resource name in a variable so that we can use that to append to the new rewritten url.

I had previously mentioned that you can store any number of values or patterns in {R:x} variable by enclosing the required pattern section within the braces ().

The pattern over here would be ^oldsiteroot/(.*). If the url is http://contoso.com/oldsiteroot/a.aspx then {R:0} will contain the whole pattern that is oldsiteroot/a.aspx and {R:1} will contain a.aspx

Consider the below two scenarios.