IIS URL Rewrite - Redirect any HTTPS traffic to sub-domain

Posted by uniquelau on Server Fault See other posts from Server Fault or by uniquelau
Published on 2014-08-06T12:10:43Z Indexed on 2014/08/20 4:23 UTC
Read the original article Hit count: 464

Filed under:
|
|

We have an interesting hosting environment that dictates all secure traffic must travel over a specific sub domain. E.g. http://secure.domain.com/my-page

I'd like to handle this switch using URL Rewrite, i.e. at server level, rather than application level.

My cases are:

https://secure.domain.com/page => NO CHANGE, remains the same
https://domain.com/page => sub-domain inserted, https://secure.domain.com/page
https://www.domain.com/page => remove 'www', insert sub-domain

In my mind the logic is:

INPUT = Full Url = http://www.domain.com/page

If INPUT contains HTTPS Then check Full URL, does it contain 'secure'? If YES do nothing, if no add 'secure' If INPUT contains 'www' remove 'www'

The certificate is not a wild card (e.g. top level domain) and is issues to:

https://secure.domain.com/

The website could also be hosted in a staging environment. E.g.

https://secure.environment.domain.com/

I do not have control over 'environment' or 'domain' or the 'tld'.

Laurence

-

Update 1, 19th August

So as mentioned below, the trick here is to avoid a redirect loop that could drive anyone well loopy.

This is what I propose:

One rule to force certain traffic to the secure domain:

<rule name="Force 'Umbraco' to secure" stopProcessing="true">
    <conditions logicalGrouping="MatchAll">
        <add input="{REQUEST_URI}" pattern="^/umbraco/(.+)$" ignoreCase="true" />
        <add input="{HTTP_HOST}" negate="true" pattern="^secure\.(.+)$" />
    </conditions>
    <action type="Redirect" url="https://secure.{HTTP_HOST}/{R:0}" redirectType="Permanent" />
</rule>

Another rule, that then removes the secure domain, expect for traffic on the secure domain.

<rule name="Remove secure, expect for Umbraco" stopProcessing="true">
    <match url="(.*)" ignoreCase="true" />
    <conditions logicalGrouping="MatchAll">
        <add input="{HTTP_HOST}" pattern="^secure\.(.+)$" />
        <add input="{REQUEST_URI}" negate="true" pattern="^/umbraco/(.+)$" ignoreCase="true" />
    </conditions>
    <!-- Set Domain to match environment -->
    <action type="Redirect" url="http://staging.domain.com/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>

This works for a single directory or group of files, however I've been unable to add additional logic into those two rules. For example you might have 3 folders that need to be secure, I tried adding these as Negate records, but then no redirection happens at all.

Hmmm! L

© Server Fault or respective owner

Related posts about iis

Related posts about rewrite