Godaddy URL Rewrite HTTP to HTTPS won't work Plesk [closed] - asp.net-mvc

Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 5 years ago.
Improve this question
First I have looked at resolutions all around on stackoverflow as well as googling the heck out of this and even going to godaddy support(lack there of support)
I am on godaddy using windows (plesk). my site is written in C# mvc. I setup my SSL cert and I am able to access the site through https. when I try to access through http it does not redirect but instead gives me a 403.4 error.
I tried the URL rewrite like suggested on Godaddy's help section
https://www.godaddy.com/help/redirect-http-to-https-automatically-8828
I have even copied a URL rewrite we use at work on one of our production sites on our own servers.
<rewrite>
<rules>
<rule name="Remove www" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.(.+)$" />
</conditions>
<action type="Redirect" url="http://{C:1}/{R:0}" />
</rule>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
none of that seems to work, godaddy is blaming it on the Cert not being propagated, but if that were the case than HTTPS should not work and I shouldn't be getting a 403.4 error but instead some other related error at best.
Require SSL is enabled on the godaddy server

I solved this by unchecking "Require SSL" and now it redirects.

Related

Convert HTTP links to HTTPS in ASP.NET website

I have external free MP3 file (non-coyrighted) URLs on an http web-site.
I want to let users play these mp3 urls from my HTTPS site written in ASP.NET MVC.
How can I convert these HTTP urls to HTTPS urls on (using some sort of proxy on IIS) the fly without affecting performance.
EDIT:
The http site hosting mp3 is not mine. It has different domain name from my https site and is hosted on some other server by someone else. Any request for mp3 url on the http site (not owned by me) should appear to come through an https site (either my https site or some other). I do not have control over the http site, otherwise I would have put SSL on that site.
Thanks,
Gagan
you need to bind https binding with SSL certificate and redirect all the request from HTTP to https.
for redirect, you could use below url rewrite rule in your web.config file.
<system.webServer>
<rewrite>
<rules>
<rule name="Force HTTPS" enabled="true">
<match url="(.*)" ignoreCase="false"/>
<conditions>
<add input="{HTTPS}" pattern="off"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent"/>
</rule>
</rules>
</rewrite>
</system.webServer>
For certificate configuration following link can be helpful: Enabling SSL on IIS

IIS redirect old domain to new domain keeping the path

This somewhat works, http://newdomain.com/link will redirect to https://www.newdomain.com/link. However, http://olddomain.com/link redirects to https://www.newdomain.com (losing the path).
<rule name="Enforce HTTPS and www.newdomain.com" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTPS}" pattern="off" />
<add input="{HTTP_HOST}" pattern="olddomain\.com$" />
<add input="{HTTP_HOST}" pattern="^newdomain\.com$" />
</conditions>
<action type="Redirect" url="https://www.newdomain.com/{R:1}" redirectType="Permanent" />
</rule>
I believe the code is correct, but it's not working when doing a domain to domain redirect. Something else in IIS is doing the redirect first and therefore not respecting this rule (probably never even getting to it).
This may not be so much of an IIS redirect question, but a question of what else could be causing this pre-redirect before this rule. I have no other rules that have anything to do with domains at all.
Any insight into this?
Thanks to #Dusan Bajic I figured it out.
I totally removed the redirect. When I did that, some of the redirects stopped working. However, the redirect from the old domain to the new domain still happened (and in the same way, removing the path). That allowed me to isolate the problem as outside of an IIS redirect.
Come to find out, the problem was with our load balancer. For the old domain, it was doing a redirect of its own, so the old domain never reached IIS. Once the load balancer redirect was removed, it then got to IIS and the above redirect which worked flawlessly.
So the solution to this was to remove the redirect and see if the redirect still happened. And if so, look at whatever is "up stream" that's doing the redirect. I didn't know our load balancer did redirects, but I do now!
Thanks for the assist Dusan Bajic

IIS Http redirect

I have couple of questions regarding IIS configuration.
When I enable HTTP redirect in IIS and use http://localhost/SubApp it's redirected to https://localhost/SubApp, but when it's http://localhost/service.svc it's not redirected to https://localhost/service.svc.
Also with redirect enabled URL like this https://localhost/test.html is not opened, I see message
Can’t reach this page. Make sure the web address https://localhost is correct.
Content of file very simple: <html><body>test html</body></html>.
However when HTTP redirect disabled I can open this URL. I have self-signed certificate.
Config for HTTP redirect is
<httpRedirect enabled="true" destination="https://localhost" exactDestination="false" childOnly="false" httpResponseStatus="Permanent" />
So, questions are:
Why *.svc is not redirected to HTTPS protocol?
Why https://localhost/test.html can't be opened with enabled http redirect?
Does it all mean just use url rewrite module and get rid of redirect configuration?
After tests we have found out that the only possibility to use HTTP redirect (from HTTP to HTTPS) is:
Configure HTTP binding for the main site so port changed from 80 to 81. Also, port 81 is not visible from outside
Add new website with HTTP binding to port 80, this site has empty WWWRoot
Add HTTP redirect to this new empty website so it redirects to HTTPS of our main site.
In this case HTTP redirect works fine.
My aim was three-fold
to use a domain name in the address bar without www
to auto-redirect from HTTP to HTTPS without fail or issue or the need to accept certificates in the browser of any kind
simple failsafe security. if google can do it why can I?
The idea of using a 'smoky' port in the previous post was smart. While using port 80 I was constantly getting the blue IIS welcome page and the http protocol. The fake port seems to force the asp.net web page to actually read the redirection code in the web config. I changed all my http bindings to port 81. Added to that the rewrite url codes in the web.config shown below.
Another important thing to test is turning OFF the 'Required SSL' as one post indicated it may conflict with IIS Rewrite URL (any conflict that doesn't show an error can be a major headache). Prior to turning the IIS 'SSL Settings' 'Required' switch off and leaving just 'Ignore' as checked ANY combination of Rewrite URL from the hundreds of posts or walkthrough setups seemed to fail (eg this was specific to IIS10 Win 2016 but probably the same all previous IIS's).
It was also important during testing to ensure requests are outside your Lan if hosting from a Static IP. Just use your mobile hotspot and a number of browsers from your tablet (eg samsung, brave, mozilla, edge etc) to see responses of each. Part of the reason for this was based on the implementation of TLS1.2 and disabling of ALL other protocols and ciphers.
Finally don't forget to constantly delete cookies / history prior to testing page loads. In some cases a 'wipe cache partition' on an android removes any temporary files that may be causing an issue with the device (especially during testing).
This issue can be a nightmare as things that are supposed to work absolutely don't work, even though the logic is 'bulletproof logical'.
Even with all these things considered and tested, there is a good chance it won't work in some browsers... it just refuses to move from the
h*tp://domain.com
IIS welcome page... eg edge, brave, etc
Sa sample rewrite with 3 rules, as per instructions from a popular ssl site
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect www" stopProcessing="true">
<match url="www.domain.com"/>
<conditions>
<add input="{HTTPS}" pattern="^OFF$"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent"/>
</rule>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="domain.com"/>
<conditions>
<add input="{HTTPS}" pattern="^OFF$"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent"/>
</rule>
<rule name="Redirect Canonical HTTP to HTTPS" stopProcessing="true">
<match url="domain.com"/>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}"/>
</rule>
</rules>
<outboundRules>
<rule name="Add Strict-Transport-Security when HTTPS" enabled="true">
<match serverVariable="RESPONSE_Strict_Transport_Security" pattern=".*"/>
<conditions>
<add input="{HTTPS}" pattern="on" ignoreCase="true"/>
</conditions>
<action type="Rewrite" value="max-age=31536000; includeSubDomains; preload"/>
</rule>
</outboundRules>
</rewrite>
even some page load code in C# asp.net may do nothing... but it was worth a try... maybe it is not possible in IIS land.
protected void Application_BeginRequest(Object sender, EventArgs e)
{
HttpContext context = HttpContext.Current;
if (!context.Request.IsSecureConnection)
{
UriBuilder secureUrl = new UriBuilder(context.Request.Url);
secureUrl.Scheme = "https";
secureUrl.Port = 443;
context.Response.Redirect(secureUrl.ToString(), false);
}
}

Convert ASP.NET Webforms url to MVC route

I'm replacing an old ASP.NET webforms app with a new MVC application. However, I have an issue with users having old links to a particular page that I would like to automatically translate to the correct MVC route.
Old site: http://mysite.com/ticketsdetail.aspx?id=12345
New site: http://mysite.com/tickets/details/12345
Is there a way in the MVC routing of catching the old url and translating it to the new one?
EDIT:
Ok, the web.config entry to do this using the IIS7 URL rewriting is:
<rewrite>
<rules>
<rule name="Ticket page redirect" stopProcessing="true">
<match url="ticketsdetail.aspx$" />
<conditions>
<add input="{QUERY_STRING}" pattern="id=(\d*)$" />
</conditions>
<action type="Redirect" url="Calls/Tickets/{C:1}" appendQueryString="false" redirectType="Temporary" />
</rule>
</rules>
</rewrite>
Don't do it in code is my suggestion, unless you absolutely need to. Scott Hanselman has a good article on how to do what you need in the web.conf using IIS Url Rewrite.
Article Here
This would be your rule that would go in your web.config as well:
<rule name="RewriteUserFriendlyURL1" stopProcessing="true">
<match url="^ticket/details/([^/]+)/?$" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="ticketdetails.aspx?id={R:1}" />
</rule>
If your using IIS7 then the URL rewrite tool is pretty slick;
http://learn.iis.net/page.aspx/460/using-url-rewrite-module/
This is a good article;
http://learn.iis.net/page.aspx/496/iis-url-rewriting-and-aspnet-routing/
Which Option Should You Use?
What does all this information mean if
you need to choose a technology to
enable clean URLs for your Web
applications? In this section, we
explain how to make this choice.
If your Web application is built by
using anything except ASP.NET, use the
IIS URL Rewrite module. Otherwise, the
rules are:
If you are developing a new ASP.NET Web application that uses
either ASP.NET MVC or ASP.NET Dynamic
Data technologies, use ASP.NET
routing. Your application will benefit
from native support for clean URLs,
including generation of clean URLs for
the links in your Web pages. Note that
ASP.NET routing does not support
standard Web Forms applications yet,
although there are plans to support it
in the future.
If you already have a legacy ASP.NET Web application and do not
want to change it, use the URL Rewrite
module. The URL Rewrite module lets
you translate search engine-friendly
URLs into a format that your
application currently uses. Also, it
lets you create redirect rules that
can be used to redirect search engine
crawlers to clean URLs.
However, its logical to me to get the url rewriter to sort out this kind of stuff out at the iis level, especially since you'll be needing to use a regex to pull the querystring apart to form the new url.. Something the url rewriter does amazingly well.

www.example.com does not work, but example.com does

This question could be posted on ServerFault as well, however there is definitely a coding element involved due to the rewrite rules in my web.config. This is why the question does indeed have a home on SO.
I've recently deployed a website to a new server and have discovered that trying to access my site via www.example.com returns a 404 while example.com works just fine. I'm not sure if this is an IIS configuration issue or with the rewrite rules I've specified in my web.config.
I have not redployed the site without the rules shown below to see if they are indeed the issue. These rules were working fine while the site was hosted by DiscountASP.NET.
<rewrite>
<rules>
<rule name="Redirect to NON-WWW" stopProcessing="true">
<match url=".*"/>
<conditions>
<add input="{HTTP_HOST}" pattern="^www.rsolberg.com$"/>
</conditions>
<action type="Redirect" url="http://rsolberg.com/{R:0}" redirectType="Permanent"/>
</rule>
<rule name="Default Document" stopProcessing="true">
<match url="(.*)default.aspx"/>
<action type="Redirect" url="{R:1}" redirectType="Permanent"/>
</rule>
</rules>
</rewrite>
I've also confirmed with GoDaddy that there is a WWW cname pointed to #.
Working:
http://rsolberg.com
Not Working:
http://www.rsolberg.com
I would confirm that IIS has both host headers (rsolberg.com and www.rsolbeg.com) listed for your site. Without the www version requests will make it to the correct web server but IIS won't serve the correct site and may be returning a generic 404 instead. I don't think the redirect/rewrite is involved at all as no 301/302s are getting sent.
I have solved this problem earlier, just delete the earlier CNAME. And try adding a new one as below
www.rsolberg.com CNAME --> rsolberg.com
Ananth Ramasamy Meenachi www.msarm.com

Resources