URL Rewrite module for IIS7

2017-12-11T14:01:44+00:00 August 16th, 2010|Azure|

As part of a larger project I’ve been involved with which uses an IIS7 web application (I’ve been helping the client with their infrastructure and integrating the application with AD) we hit an issue where some 3rd party pieces of code were using absolute links *tut tut*! rather than relative ones, this had the side effect that a user would start off their session using an SSL secured https session & after performing certain tasks would find themselves on http.  Not ideal!  The application also has a requirement that the web servers are able to connect to themselves on port 80 – this could not be changed & interfering with this connection would break functionality.

To resolve this I’ve implemented the Microsoft URL Rewrite module 2 for IIS7, with the following configuration:

  1. Download and install the IIS URL re-writing module: http://www.iis.net/download/urlrewrite
  2. Go to the site in IIS manager & navigate to URL Rewrite in the right hand pain
  3. Create a new inbound rule with the following settings:
  4. Match URL:
    1. Requested URL: ‘Matches the pattern’
    2. Using: ‘Regular Expressions’
    3. Pattern: ‘(.*)’
    4. Ignore Case: ‘True’
  5. Conditions:
    1. Input ‘{HTTPS}’ Type ‘Matches the pattern’ Pattern ‘^OFF$’
    2. Input ‘{LOCAL_ADDR}’ Type ‘Does not match the pattern’ Pattern ‘127.0.0.1’
  6. Action: ‘Redirect’ Redirect URL: ‘https://{HTTP_HOST}/{R:1}’ Append Query String: True Redirect type: ‘See Other (303)’

This will not only correct broken URLs which get returned but will redirect users who hit the site via http to https which is a requirement for the service.

Handy fix – I’d often use TMG / ISA to resolve this but this customer’s solution does not feature those products (the site is being deployed internally).

 

Rob