HOWTO: Common URL Redirection Techniques for IIS, Summary

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Mark A. Richman — Tue, 02 Aug 2005 21:55:30 GMT

Can you update this article with a HOWTO on exposing http://internal via http://external by ISAPI proxy?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Tue, 02 Aug 2005 22:19:50 GMT

http://internal via http://external is already included by Server-Side Forwarding, which I will eventually get to (see that entire list...).

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Rahul — Sun, 14 Aug 2005 03:53:51 GMT

Hi David,

I am waiting to read this article and am particularly interested in Core IIS Serverside redirects.

When do you plan to update this?

Could you please point me to some other resources in the meantime as I need to configure an installation just now.

Rahul (rahulkorlipara@gmail.com)

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David Wang — Mon, 15 Aug 2005 13:35:30 GMT

ISAPI Rewrite would be an example of a commercial implementation of an ISAPI Filter that does Server-Side Redirection and Server-Side Forwarding.

http://www.isapirewrite.com

Now, I do not plan on disturbing anyone's business model with my blog entry samples. I am only going to show the basics of how things work and help those that are curious.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Alex — Mon, 15 Aug 2005 15:01:36 GMT

URL Rewrite for MS IIS
http://www.smalig.com/url_rewrite/

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Douglas Keachie — Thu, 27 Oct 2005 21:47:21 GMT

You know,

Usually "how to's" are articles that show "how to" actually do something. Yours is sort of a let's define the terminology around the "how to" in question.

I've already spent about an hour bumming around the web looking for a redirect in the following simple situation.

I have lots of domain names. My business model calls for just a few (3) websites (the "Big Three") which cover everything I'm interested in. I would like to have it set up so that the cheapo businesscard domains (not the "Big Three") have a "click to enter" spot. That "click to enter" causes their browser to go to one of my "Big Three." When their browser arrives there, I want the local client side html code to note which cheapo businesscard site they came from, and to automatuically redirect them to the appropriate subdirectory. Is that really so difficult ?

I enjoyed your somewhat pompous but thorough layout of the problems of redirection, although it did not seem to cover this possibility. I was told that this was do-able. Is it not do-able on a IIS, even if I wish to buy a solution ? If it is buyable, where or how should I look for this snippet of code ??

thanks,

Doug Keachie

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David Wang — Fri, 28 Oct 2005 10:11:37 GMT

Doug - I am not certain your scenario even involves redirection, since the user must "click to enter" and that action essentially counts as navigation, not redirection.

http://blogs.msdn.com/david.wang/archive/2005/10/27/Domain_Parking_with_IIS_Summary.aspx

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Douglas Keachie — Fri, 28 Oct 2005 19:18:21 GMT

OK,

As it turns out, and cannot make a "Click to Enter" button on the business card site. I'll literally have to instruct them there on how to cut and paste the addy into their browser bar.

"Please highlite the following address, then copy it (CTRL-C), and then find the address bar in your browser, and paste it there (CTRL-v) to see complete details."

http//:www.swland.org

I could of course add on all the subdirectory information at this point, for each instance, but it would look "complicated" or "tricky" (dangerous) and so I'm hoping to send them immediately to the appropriate subdir when they hit the main site, www.swland.org, based on the business card site of origin.

Is this possible to do this redirection with client side html or other code that is pretty much universally recognized ? I'll settle for just Windows compatible, if necessary.

thanks,

Doug

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Paul Noeldner — Fri, 28 Oct 2005 23:38:35 GMT

How to redirect 401.1 using IIS? It used to work but have recently heard it doesn't in some new release configurations, apparently some kind of security lockdown default? Others eg 401.3 redirect fine.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David Wang — Tue, 01 Nov 2005 08:45:11 GMT

Paul - please define the type of redirection you wanted to accomplish for 401.1, noting that the only ways for you to know a 401.1 happened are:
1. FILE type CustomError of 401.1 is sent
2. SF_NOTIFY_ACCESS_DENIED ISAPI filter

And neither allow any sort of server-side redirection.

Plus, 401.1 means that IIS does not have a valid user token to use for request proceossing, so Server-side redirection/forwarding cannot reasonably expect to work.

So, please clarify what you are asking.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David Wang — Tue, 01 Nov 2005 08:50:30 GMT

Doug - I still do not understand why you insist on doing things your way because it doesn't seem easy nor does it seem to work. You do not want people to copy/paste anything (in general, you cannot expect users to do the right thing much less follow instructions).

I see no reason why you cannot implement something platform agnostic and that works for all browsers given what I had described earlier, and you have not given a reason why it does not work.

I certainly cannot do it for you; I will only tell you it is very possible and very easy. Whether you do it that way, that is up to you.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Aaron — Tue, 01 Nov 2005 23:46:05 GMT

Do you happen to know how to setup a redirect (IIS 6) for the 503 service unavailable message? I figured it would be in the IIS settings but i don't see anything. What i want to do is redirect users to a page saying 'connection limit' reached. Something a little more informative than the default message. I've been looking all day and can't find any details on this. Any help would be appreciated.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David Wang — Wed, 02 Nov 2005 00:07:25 GMT

Aaron - What you are asking for is not exactly a redirect.

The 503 Service Unavailable message is actually sent by HTTP.SYS when the Application Pool is disabled and cannot be customized.

HTTP.SYS sends the pre-canned 503 message because the associated Application Pool configured to handled that request is disabled, so it cannot send requests to IIS6 w3wp.exe and hence HTTP.SYS sends the 503 response instead.

//David

Another one

Uwe Keim — Tue, 08 Nov 2005 23:15:45 GMT

This is am open source version: http://www.iismods.com/

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Erick Perez — Tue, 13 Dec 2005 22:58:26 GMT

I have the situation to use the Server Side Forwarding or Proxy.
I want my main IIS with and SSL certificate to handle and redirect to another IIS, but that all communications gets done with my main IIS in the middle.

Comments and or code are welcomed.

Great Site

Melissa — Sat, 24 Dec 2005 05:53:01 GMT

I appreciate that you keep your site going and allow comments. To me feedback is an interesting part of a website... Your site is a very great website and I make your site for my homepage!.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Max — Sun, 08 Jan 2006 02:43:54 GMT

David, can you please clarify is this issue is a policy or a bug in IIS6?
http://tinyurl.com/chmjd

Since IIS6 does not preserve POST verb it kills ASP.NET postback via 40x redirect URL.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Dac — Mon, 13 Feb 2006 17:27:13 GMT

see http://pooling.info The URL Redirection service

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Trevor — Tue, 14 Feb 2006 08:35:49 GMT

Thanks a bunch David. My URL IIS rewrite filter stopped working when I moved to Server 2003 due to the worker process isolation mode not supporting the SF_NOTIFY_READ_RAW_DATA event. Your suggestion to use the SetHeader("url") function in the SF_NOTIFY_PREPROC_HEADERS event worked perfectly. In fact it is a better approach than my original design.

Thanks again.

Trevor

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Chen — Sun, 19 Feb 2006 17:34:51 GMT

Hi, David,

I am wondering how to rewrite the http://www.polloo.com/namelist.asp/name=daivd to http://www.polloo.com/david

Could I wirte the script with asp only to impletment it? And how to?

Thank you

Chen

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Wed, 22 Feb 2006 10:50:05 GMT

Chen - what sort of URL redirection do you want to perform? Client-side redirection? Server-side redirection? Please classify it according to the taxonomy I provided to describe your problem and locate possible solution routes.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Bryant — Tue, 28 Feb 2006 10:37:19 GMT

Hi, David,
Could you tell me how to force HTTP requests to HTTPS/SSL, and Force HTTPS/SSL requests to HTTP?
Thank you

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Eyal — Wed, 01 Mar 2006 20:53:57 GMT

Hi David.

When using the option of:

'Client-Side Redirection - The server sends a "302 Redirect" response with a Location: header containing the new URL, and the client makes another request to the new URL'

How do you make sure that the client will request the new URL Automatically?
Where can I find a sample code for this option?

Thanks
Eyal.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Wed, 01 Mar 2006 23:53:20 GMT

Eyal - it is not possible to make sure that the client will request the new URL automatically.

This is HTTP. The server cannot control what the client does outside of sending it a response. The HTTP specification does not say that the client has to redirect automatically.

Thus, the server can only give the client hints such as "this is a 302 redirection; here is the address at the Location: header". The client can choose to ignore the Location: header and/or pop up a dialog if it wants to - such as when a POST is redirected.

Client-Side redirection can be performed without writing code. It all depends on what you want to do.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Dean — Sun, 05 Mar 2006 08:14:26 GMT

I don’t believe I see an answer to this scenario #3 Server-Side Forwarding - The server transparently rewrites the request URL to another URL which does NOT remain on the same website as the original. Note the new website can be on another machine, but not necessarily.

I’m splitting my site and need to forward links that come to me formatted like this:

http://oldURL.com/oldFolder/showlist.asp?type=2&owner=67

They need to be redirected to:

http://newURL.com/newFolder/showlist.asp?type=2&owner=67

how might this be done using IIS, asp or any combination of either?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sun, 05 Mar 2006 13:28:21 GMT

Dean - Server-Side Forwarding is when newURL.com is NEVER visible to the user even though it does the work on behalf of oldURL.com.

If newURL.com is supposed to be visible to the user, then this is best done as a Client-Side Redirection using simple 302.

//david

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

chen — Tue, 07 Mar 2006 08:19:21 GMT

hi, David,

Thank you for your reply.

I don't understand what do you mean the client-side or server-side. I rent a space but I have no operate right to the server. I can only write some asp script to the server. And I know for Aparch server there is a rewrite url modul to do that, and there are IIS rewrite program to do that on the server. But these both don't fit for me.

Do I clear state the question?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Tue, 07 Mar 2006 13:44:09 GMT

Chen - By client-side or server-side, I mean:

When the client makes a request to:
http://www.polloo.com/namelist.asp/name=daivd

Do you want the URL bar in the browser to say:
1. http://www.polloo.com/namelist.asp/name=daivd
OR
2. http://www.polloo.com/david

If you want the browser to say #1 then you use server-side redirection. If you want the browser to say #2 then you use client-side redirection.

After you determined what sort of redirection you want to do, you can look through the above index I laid out on how to accomplish the task using the technology and server control you have.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Erlend — Wed, 08 Mar 2006 22:03:53 GMT

Hi David,

I wondered if you have ever experienced a problem that is driving me completely nuts ;) I'm performing server-side rewrite through the SF_NOTIFY_PREPROC_HEADERS event and modifying the 'url' with SetHeader. This should be quite straight forward, but unfortunately it hasn't been for me. On the first request to a given url that needs rewriting IIS decides to translate my rewrite into a client side redirect :/ When hiting the back button and retrying the request the rewrite is performed correctly. Closing the browser and retrying it behaves exactly the same way. The only other thing I'm doing in the code is adding a custom header value to be interpreted by the ISAPI extension that eventually processes the request.

Do you know of any situations that could lead IIS to send the client side redirect instead of performing the server side rewrite?

//Erlend

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Thu, 09 Mar 2006 12:34:58 GMT

Erlend - Can you give the exact request you sent? As well as IIS version.

Try using WFetch from http://www.microsoft.com/windowsserver2003/iis/diagnostictools/default.mspx to make test requests and see what actually gets returned. I do not trust using the browser to debug issues when an ISAPI is involved because ISAPI can have arbitrary behavior that confuse browsers. You need a dumb client like WFetch so that you know what is really going on.

I presume you are talking about the URLs that require courtesy redirects - i.e. http://server/vdir where /vdir exists as a folder. In those cases IIS will automatically send back a 302 redirection to http://server/vdir/ , which the browser transparently follows. However, ISAPI Filter sees both requests to http://server/vdir and http://server/vdir/ , so it should be able to rewrite.

I do not know of any situations where IIS will send a response without first calling SF_NOTIFY_PREPROC_HEADERS (which is what you are claiming)... unless you send a response from SF_NOTIFY_READ_RAW_DATA, but that is ultra-gross.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Lei — Thu, 09 Mar 2006 18:01:56 GMT

Hi David,

Thanks for your great article!

Currently I need to redirect http://server_name/virtual_directory_name/subfolder1/*.* to http://server_name/virtual_directory_name/subfolder2/handler.aspx?filename=*.*

How to achieve that in IIS? Thank you.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Fri, 10 Mar 2006 00:54:44 GMT

Lei - Please read my earlier comment to Chen. It is not clear what sort of redirection you want.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Erlend — Fri, 10 Mar 2006 01:17:30 GMT

Hi David,

I think I was being alittle unclear. I'm running IIS6 btw.

I'm changing the url through SF_NOTIFY_PREPROC_HEADERS and it always gets called. The problem is that on the first call from a browser (I'll try with WFetch but haven't had time yet) IIS sends a 302 back to the browser as a result of my changing the url, but on all subsequent calls the request gets processed like I want it to. I do suspect now though that this could be a single server issue (and might have to do with something being incorrectly installed) because I have tried it on two different servers today and I do not see the same problem.

Thanks for you input.

//Erlend

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Lei — Fri, 10 Mar 2006 08:52:39 GMT

Hi David,

Thank you for your reply!

I think I need server-side redirection. Actually, I want all user request from http://server_name/virtual_directory_name/map/*.* to be redirected to http://server_name/virtual_directory_name/main/handler.aspx?filename=*.*. Thus, I could use a single file handler.aspx.cs to handle all request from subfolder "map" of the virtual directory.

How to implement this in IIS? My IIS version is 5.1. Thanks!

//Lei

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Fri, 10 Mar 2006 10:43:47 GMT

Erlend - I do not see anything wrong with IIS sending back a 302 as a result of your changing the URL.

Expected behavior depends on the exact URL that was actually processed, IIS configuration for the URL that got processed, Filesystem configuration, and any behavior-modifying ISAPIs configured on the server.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Fri, 10 Mar 2006 10:49:42 GMT

Lei - Please read my earlier comment to Chen.

Do you want the user to see:
http://server_name/virtual_directory_name/main/handler.aspx?filename=*.*.

in their browser's Address/URL/Location bar.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Lei — Sat, 11 Mar 2006 09:59:32 GMT

Hi David,

I want the user to see: http://server_name/virtual_directory_name/map/*.* Thus, I think I need server-side redirection. So How to implement?

Thanks!

//Lei

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sat, 11 Mar 2006 13:55:04 GMT

Lei - ISAPI Filter.

I have not filled in that index with links, so you can either:
1. Figure it out (not terribly hard)
2. Piece it together from my various ISAPI Filter code samples
3. Obtain an ISAPI Filter from another vendor for fee (www.isapirewrite.com) or free (www.iismods.com)
4. Wait for sample code

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Lei — Tue, 14 Mar 2006 16:43:24 GMT

Hi David,

Thank you for your reply!

When I locate the subfolder of the virtual directory in IIS, I also can use "redirect to a URL" option to achieve the goal. So I wonder what's the difference between configure this in IIS and using ISAPI filter?

By the way, I miss one point in my previous post. I want to redirect all requests to a subfolder to a single .aspx file except a file like a.aspx in that subfolder. Is this possible using ISAPI filter? Could you direct me some reference links about coding ISAPI filter?

Really thanks for your solution!

//Lei

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Tue, 14 Mar 2006 22:38:30 GMT

Lei - The difference, as I mentioned earlier, is that:
1. the UI configuration of "IIS Core (no code) - HttpRedirect ", is only Client-Side Redirection
2. while ISAPI filter can be anything you want (notice that ISAPI Filter is under all three categories) - you just need to write the code

MSDN contains documentation about ISAPI Filter API, how it works conceptually, and how to use it. This blog also contains lots of information and sample code to do various useful things. You also need to know how to code custom logic like "redirect all requests to a single .aspx file except a file like a.aspx in that subfolder".

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Jason — Wed, 22 Mar 2006 21:52:28 GMT

I'm trying to force IIS to display a custom HTTP 403 page instead of the canned one. I went into IIS and there is no custom errors listing for 403.* so I used Metabase Explorer and added a line to the 6008 HttpErrors under the "root" of my site id. I do get the error when trying to view the custom errors in iis admin, so I know it's there, but I am not able to see this new page...only the canned one.

Is there a trick to get that active? I executed a cmd line iisreset and still nothing. My file is in the iishelp/common folder along with the rest of the error .htm files and the entry in the 6008 HttpErrors metabase list matches the other ones, but still no luck.

Any help would be appreciated.

//Jason

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Stian — Fri, 07 Apr 2006 14:52:47 GMT

Thanks for a good article!

I want the users to see "user.domain.com"
in their browser's Address/URL/Location bar.

The real system will be like this:
www.domain.com/folder/user/

The reason I want this is to make it look more pretty.

Thanks for any reply.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Mon, 10 Apr 2006 03:07:03 GMT

Stian - you want Server-Side redirection on IIS, where *.domain.com is configured in DNS to give the IP/Host to come to your ONE website which has this redirection active.

Then, have either an ISAPI Filter or ISAPI Extension rewrite the URL based on the Host header.

Microsoft has already written such an ISAPI Filter to do this for hosters - contact those folks, get in the program, and get the help and support for free:
http://blogs.msdn.com/david.wang/archive/2005/09/26/HOWTO_Mass_Shared_Hosting_on_Windows_with_IIS6.aspx

Note: Since you want mass shared hosting, you don't need the rich website bindings of IIS - and you will see IIS scales just as well if not better than Apache, given comparable extensibility modules and mechanisms.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Fri, 14 Apr 2006 14:23:51 GMT

Hooray, another 10K entry. Been waiting for this for a while now.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Mark — Sat, 15 Apr 2006 02:05:05 GMT

Hi David,

I want users to be redirected to and see the following in their browers:
http://www.bluehilldata.com/about/

The old file resides at:
http://www.bluehilldata.com/about.html

If I understand correctly, this would be a client-side redirect. Is there a way to accomplish said redirect on IIS in a manner analogous to Apache's .htaccess redirect? That is, can I create a single file in which multiple redirects are defined, without actually maintaining the old files (i.e., about.html) in the root directory?

Thanks in advance for your help,
Mark

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sat, 15 Apr 2006 04:27:03 GMT

Mark - sure. In the blog entry, I listed FIVE ways that you can do this on IIS, from declarative configuration analogous to Apache's custom module configuration in .htaccess all the way through customization through code.

To what degree of flexibility do you want?

For example, the built-in HttpRedirect functionality in IIS can handle this. Or you can use HttpErrors to catch the file-not-found. Or write your own configurable ISAPI Filter or ISAPI Extension.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

paul smith — Sun, 16 Apr 2006 18:37:18 GMT

url update

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

paul smith — Sun, 16 Apr 2006 18:37:52 GMT

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Mark — Mon, 17 Apr 2006 01:10:17 GMT

David,

Thanks for the reply. Sorry if I seem a little dense; I'm not a server administrator, but rather an (amateur) web designer.

I have about 10 HTML pages that have been relocated, and I'd like to create a single, .htaccess-like file to handle these redirects. Because I don't have the ability to change any of the IIS settings, the file has to be something I can FTP to the server.

Any suggestions?

Thanks again,
Mark

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Mon, 17 Apr 2006 02:35:24 GMT

Mark - Redirection settings are IIS configuration changes which can only be done as server administrator, so you cannot do what you want in the way you want.

What you are asking for is "delegated administration of server configuration", something that Apache loosely offers with .htaccess files. Existing IIS versions do not work like that. IIS7 will support the sort of delegated administration you want in the way you ask (xcopy deploy application+server configuration as files).

Thus, for the time being, you will need to maintain old stub files to serve as meta-redirect to the new files.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Ty — Fri, 28 Apr 2006 04:01:39 GMT

David,

Very nice article. After a couple of hours of hunting, yours was the clearest explanation of the options. I'm curious about why there seems to be such a dearth of info on server-side forwarding. It seems to me that it should be a common deployment strategy to have a web tier in front of an 'application' tier, for performance and security, on large sites. For example, I believe it's common to run Apache (alone) in front of, say, WebLogic, and serve static data from the Apache web tier, and dynamic data from the Weblogic app tier. Now, in the Microsoft world, this same architecture would be IIS locked down and acting only as a web server in the web tier for static content, and IIS running as a .NET app server on the app tier. This gives you some load benifits, some security benifits (only app tier can touch databases, for example, with web tier on DMZ). But this does require server-side forwarding. So why isn't this a well-known technique with tools (ISAPI filters) supplied by Microsoft? I must be wrong - it must not be common at all. What do you think? Thanks again!

--Ty

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Fri, 28 Apr 2006 10:22:08 GMT

Ty - What you want to do is best done with Microsoft ISA Server (firewall + reverse proxy + forward proxy). It is designed to properly resolve and securely re-route network traffic between multiple network segments at the right networking layer. While you CAN do those tasks with a web server, you should not - and that is why Microsoft does not supply it. Just because many people like to do something does not make it "right"; it only means it is popular.

The lone Apache running mod_proxy and mod_forwarder is basically poor-man's implementation of ISA. It "works", sorta, but it has major problems such as:
1. It is level 6/7 routing - inefficient networking
2. It is level 6/7 routing - effectively considered a middle-man attack against most every security protocol such as SSL, SSL Client Certificate, or Kerberos

In other words, the model you describe primarily works for the anonymous, insecure web - like mass web hosting, company web presence, toy authentication schemes like Basic, Digest, or custom cookie auth supported by Apache, etc.

If you want to build secure applications to make financial transactions, that entire infrastructure really does not work. What you end up doing is either settling for a weaker authentication solution that "works" but you pray you never get attacked, or you re-invent Kerberos and re-implement it.

I will put it this way - everytime you use or build a custom authentication / authorization scheme, it is probably less secure than what is offered for free in Microsoft Windows. Most of the time, custom authentication protocol gets "invented" because the author did not understand existing open standards and brazenly thinks he is good enough. This is why I trust the open standards like Kerberos and SSL. I do not trust random custom authentication scheme...

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Ty — Mon, 01 May 2006 23:46:08 GMT

Thanks David. I'm now looking into ISA. Is this a widely used architecture in the industry? In other words, do folks commonly implement and deploy 2- and 3-tier architectures using ISA/IIS/DB? Is it done primarily for security or performance, or both?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Wed, 03 May 2006 04:45:09 GMT

Ty - I cannot really comment because I am not involved with the deployment/design/architecture of IIS solutions. Other blog readers probably have better experience/comments/recommendations than I.

From my perspective, those are all arbitrary design-decisions specific to a given deployment and are mostly requirements solvable by existing ISA/IIS/DB features.

For example, security is always relative. Some people are ok with web servers directly on the Internet; others want web servers behind a firewall; some want a DMZ; others do not. Similarly for performance. Some people are ok with a central proxy server caching; other's don't care; and others want individual IIS servers to cache; etc. It all depends on requirements, and everyone differs. You should do whatever makes sense, not merely what "everyone else is doing". Though I would not be surprised to see everyone independently coming to the same conclusions since we are logical. :-)

I am on the IIS product team, so I look at the problem space a little more technically than practically.

i.e. I care about level 6/7 routing being inefficient and a man-in-the-middle security attack... while most Consultants/Implementers just want to "make it work" and usually do not care about such details or just wants them "solved".

From my viewpoint, ISA/IIS/DB is the most logical arrangement because that is how we designed it. ISA provides "Edge" services like Firewall, Forward Proxy for internal Clients and Reverse-Proxy for internal servers. So, ISA supports sophisticated network routing as well as easily "publish" internal IIS web servers to be visible to the outside world. Of course, ISA also supports Caching of IIS, just as IIS supports kernel-mode caching as well as user-mode caching of its responses. Meanwhile, IIS does not assume that there is security protection around it, so it comes pre-secured and locked down so that it can run directly on the Internet, but for added functionality some people may open more ports or run more sensitive apps on IIS... and then you'd need to arrange for better protection.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

frank — Wed, 03 May 2006 04:54:11 GMT

David, it's great that are love Microsoft so much, but when you say "While you CAN do those tasks with a web server, you should not - and that is why Microsoft does not supply it." - it seems laughable that Microsoft is finally doing just that in their IIS 7.0 Beta.

http://technet2.microsoft.com/WindowsServer/en/Library/934bf23a-6e23-49f7-8c66-5e598fc959ad1033.mspx

Considering how easy it is, it is pretty pathetic that it took them 7 major versions to get in there...

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Wed, 03 May 2006 11:35:30 GMT

frank - You're not the only person that does not understand, so you need to read this blog entry:
http://blogs.msdn.com/david.wang/archive/2006/04/13/IIS7_Product_or_Platform.aspx

Basically, IIS has never been treated like a competitive product. It has been treated as a platform that just needed to be "good enough" to provide for the needs of other Microsoft servers/applications.

Hence, because ISA, Exchange, Sharepoint, FrontPage, etc exist to do various tasks, IIS does not do them and our architecture gets skewed as well.

For example:
1. We hacked major features in IIS for Exchange because they needed it, and eventually no one ends up using it.
2. ISA is the product to do reverse-proxy and IIS is inefficient layer to do reverse-proxy, there is no motive for the IIS team to do it. Never mind that mod_proxy exists because IIS is not a "product" to compete in the webserver space. And since IIS is not competing in the webserver space, it affects decisions in the overall extensibility API.
3. IIS3/4 existed to push ASP; IIS5/6 existed to fix problem of bad user apps. IIS7 exists to lay the foundation to compete in the web server space.

From my perspective, it is pretty pathetic that:
1. Apache loses market share to a non-competitor like IIS
2. IIS took so long to get a product-like identity

So, I suggest that you simply be happy that Microsoft is taking interest in the web server space and get ready to see *real* competition and improvements in this space. In other words, see IIS7 like our first version as a product in the web server space. That's how we see it.

And, if you think mod_proxy or RequestForwarder is "easy", then think again. The maintainer of mod_proxy will tell you about its difficulties, and we also know what is not done.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

frank — Wed, 03 May 2006 19:23:17 GMT

David, people use IIS because they are locked into using a Microsoft solution for everything. If IIS was a stand alone product from a stand alone company it would have died a quiet death years ago.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Thu, 04 May 2006 01:19:00 GMT

frank - thanks for finally agreeing with my point. If IIS was stand alone and treated as a product by Microsoft it probably would have changed long ago, too.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

frank — Thu, 04 May 2006 10:47:45 GMT

Yes, we agree. It is a piece of shit, and has been for years. Good luck with version 7.0. I hope it is a re-write.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Thu, 04 May 2006 13:35:23 GMT

frank - ... thanks.

However, it sounds like you are just talking rhetoric because if you've even seen/used IIS5 and IIS6, you should immediately know that IIS6 is already the engineering rewrite you talk about. IIS7 is merely the refactoring of that rewrite into a completely open, modular, and componentized architecture (itself a huge undertaking).

IIS6 is already very well received and very easy to adopt. Marketing/Evangelism have very little problems with IIS6, so you will start seeing big market share movements (check out the last six months of Netcraft for world-wide "market share"). It is mostly irrational customer resistance that make it interesting.

And if it is not obvious already, IIS7 will be a classic "embrace and extend" aimed right at the big design flaws inherent in Apache due to its quest to be cross-platform.

Yup, it will be fun to have competition, and the best part is that the customer will win. Hard for you to argue against that. ;-)

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Aaron — Fri, 05 May 2006 20:13:34 GMT

David, I have a situation where I have one main website that serves content for multiple data-driven websites. These little websites each have their own domain name. I want to do the following:

when a user types in mysite.com, have their browser show:
http://www.mysite.com

but the content will actually come from www.mybigsite.com?siteid=23

Can you tell me how to achieve this with IIS 6/WIN2k3 ?

Thanks,
Aaron

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Aaron — Fri, 05 May 2006 20:15:13 GMT

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Fri, 12 May 2006 15:06:29 GMT

Aaron - you want Server-Side Redirection.

As I indicated earlier, it can be achieved with IIS6 and requires an extensibility module. You can either write the module, find a free one, or purchase one.

This blog entry's comments mention several choices that you should investigate and pursue.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Khan — Tue, 16 May 2006 02:40:03 GMT

Hi David, Although I have read the entire article and new to .net I have the following question.
I am trying to achieve a rewrite or whatever I can do to not change the url in the follwoing scenario.
site resites at http://www.mysite.com/
Have shared ssl space on
https://ssl-shared.com
When the user is on
www.mysite.com/whateverpage
I would like the site to bring in the page from the shared ssl and for the address to remain as is. Can you shed some light
Thanks

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Khan — Tue, 16 May 2006 02:42:50 GMT

Just forgot to mention I have no control over the admin of the server, but can write code, so if the job can be done with .net it would be brilliant.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

DotNetInterop — Thu, 08 Jun 2006 01:15:17 GMT

Another option for a free IIS mod_rewrite type thing - http://cheeso.members.winisp.net/IIRF.aspx .
It does regular expressions, works with IIS5 or IIS6, includes RewriteCond, and does redirects.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Leah — Mon, 12 Jun 2006 19:50:55 GMT

For a planned outage, I need to redirect 15 SSL sites to 1 non-SLL site. How do I redirect SSL to Non-SSL?

THANK YOU!

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Tue, 13 Jun 2006 10:30:39 GMT

Leah - If the SSL sites themselves need to be down (i.e. you are doing something with the server itself), then you need to do the redirection at the DNS or Network router stage. If the SSL sites and the server itself is down, IIS obviously cannot perform any redirection so you need to do it at the network upstream.

If the SSL sites themselves remain operational during the outage, then simply configure the IIS "HTTP Redirection" property of each SSL website to point to the non-SSL website. See IIS documentation on MSDN for more details.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

James — Sat, 05 Aug 2006 20:35:33 GMT

David - Great article. I think I'm closer to understanding all the redirections.

I'm assuming this is server side redirection. This is for sharepoint.

The orginal address is: http://www.server.com/sites/user

To make it easier for users I'd like to have: http://user1.server.com and be redirected to the original address.

This is just for ease of use. Once redirected they can see the original address.

I saw your reply to Stian for hosters. Is that what I would use or is there a easier way for me?

Thanks!

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

djs — Wed, 09 Aug 2006 17:45:01 GMT

Am I missing something or is there absolutly nothing on your site that actually describes how to do any of these redirection techniques?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Thu, 10 Aug 2006 11:17:26 GMT

djs - yeah, I have not gotten around to fleshing out this index entry with example configurations and code samples.

I have just provided the taxonomy to categorize and cover this problem space so that people can commonly communicate solutions. On its own, it is already sufficient enough to help many people identify/resolve their issue.

I may come back to flesh out some parts of this problem space, but I will not provide/support coded solutions. Only sample, illustrative code.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Amit — Mon, 28 Aug 2006 08:24:31 GMT

David,

I want to redirect the http request from IIS6 to 10g server.(http request means jsp and oracle forms from IIS.client request for jsp and oracle but it needs to redirect to 10g AS.)

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Mon, 28 Aug 2006 13:46:24 GMT

Amit - can you clarify the exact type of redirection that you want, based on the classification outlined in this blog entry?

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Suhas — Thu, 31 Aug 2006 00:19:14 GMT

Hi David,

I want to redirect to a local IP address in my LAN network connected to the machine running IIS so that externally I can access the internal IP address of LAN.

-Suhas

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Eamon — Sat, 09 Sep 2006 22:50:14 GMT

Hey David,

No questions from me, just wanted to say good work on the post. Was very informative, helped clarify a lot of things and pointed me in the right direction. Needless to say, thanks to your post I got my reverse proxy configuration sorted with everything up and running the way it should.

Many thanks,
-Eamon

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Paul — Thu, 28 Sep 2006 19:06:05 GMT

Hi,

I have a subdomain in a website. I kinda got it for free. now I also have a free webhosting and I want to forward any requests made to my subdomain to my webhost. eg:

http://myname.srv1.com/paul/about.html
this would display the http://mynamesrv.com/paul/about.hml
but the url would not change.

The problem is I dont have access to their IIS configuraion. Al I can do is upload a file to it. So could I do this using thje web.config mod?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

iiscool — Sat, 30 Sep 2006 02:48:43 GMT

Paul - I am guessing that your old hoster supports asp\asp.net, so in your global.asa, read the original url(/paul/about.html), modify it to http://mynamesrv.com/paul/about.html and do a response.redirect. This will let the client (say, IE) know that the url has now changed to http://mynamesrv.com/paul/about.html and it automatically requests the new url seemlessly.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Alexey — Fri, 08 Jun 2007 22:54:25 GMT

Here is a question that has caused me a lot of sleepless hours already.

First - some background:

I have a "replicated" site - in effect, it's a database-driven app that displays different contact information depending on the URL that was entered. So for example, when I enter "www.mydomain.com/Alexey" the page that will be brought up will have my contact info. However, what makes this site "replicated" is the fact that virtual directory "alexey" does not in fact exist within the site. The 404 error is configured in IIS to redirect to a custom handler that parses the URL, uses the dummy virtual directory to do a database lookup, places some info in session variables and then builds the real URL based on this information retrieved from the database (the real URL may look someting like "www.mydomain.com/sites/11/areas/1/default.aspx?myVar=5", where all the numeric portions are values that came back from DB, and those ARE real virtual directories)

Now - the Question:

I want to be able to maintain that pretty (but nonexistent!) "www.mydomain.com/Alexey" URL throughout the users browsing of the site. Whether or not actual page names appear at the end of it is immaterial - the main thing I care about is that the main portion of the URL does not change into that long and convoluted one. This would be an example of Server Redirect, but I am having difficulty getting it to work with non-existent virtual directories. Can you offer any advice?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Alexey — Fri, 08 Jun 2007 23:03:21 GMT

Oh, and something I forgot to mention - these database entries are created dynamically as users sign up on the site, so I never know at any given point what "dummy" virtual directory may exist in my database. There could be hundreds, even thousands, and it is not feasible for me to maintain any kind of a config file (like most of the commercial URL rewrites seem to require). I need for this functionality to work "on-the-fly", preferably something I can call from the code-behind .VB file of my app.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sun, 24 Jun 2007 09:35:02 GMT

Alexey - I would not bother with non-existent virtual directories because that is an artifact of your implementation choice of using the 404 custom error to redirect, which really does not suffice for your needs.

You have a custom URL mapping. The mapping has to be stored somewhere, either in a config file or dynamically calculated by code stored inside an ISAPI Filter that does the rewriting.

Since you want to maintain the illusion of the vanity URL to the end-user, you must also change all outgoing response URLs to map back to the vanity URL, or else the end-user will see the convoluted URLs again.

You will likely have to write an ISAPI Filter to route requests from vanity URL to convoluted URL, and since the ASP.Net application will only see its URL as the convoluted URL, you will either need to pass the vanity URL around, or write an ASP.Net httpModule to filter the response and munge any convoluted URL back to vanity URL.

It is at this point that you wish the ASP.Net application itself directly supports vanity URL instead of you retro-fitting hacks to give 85% functionality and 50% performance.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Naica — Wed, 04 Jul 2007 04:45:40 GMT

David,

I have an web app that shows in a frame ASP.NET 1.1 pages. The web app is used from outside our internal network so it goes through the firewall. In order to call an aspx page I have to redirect from app to something like:

www.blablabla.com.au/vd1/mypage.aspx

www.blablabla.com.au is mapped to our web site (IIS 6.0) using port 1004, and vd1 is a virtual directory under the web site and this is where the mypage.aspx sits.

All worked fine up to now, and still work as long the new pages we create are in ASP.NET 1.1.

I developed a page in ASP.NET 2.0 and put it in vd1 as mynewpage.aspx. It works but some things failed to work (session is lost, AJAX not working properly...) so I decided to create a new web site on same web server, let's say myws and then deployed my page there. All fine it works perfect, but now I can't access the page from main app because www.blablabla.com.au points to the old web site and obviously the page can't be found there.

Now comes the question. How can I keep my new aspx page on my new web site and do a redirect to this web site when page is called from client.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

brad.eckrose@gmail.com — Wed, 08 Aug 2007 02:09:56 GMT

David,

I'm interested in the server-side redirection using the IIS "Core" (no code involved) - IIsWebFile and ScriptMaps technique.

I believe you use the IIsWebFile to set up default file handling and then add the ScriptMap property to route all the traffic to some dll to do the redirection.

I don't understand what .dll to use for the script processor. Is it aspnet_isapi.dll? How do I tell it the target server and port?

The larger goal is this:

http://publicserver/mymap

must transparently redirect incoming requests to:

http://privatedomain.mymapserver:?80?/

--Brad

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Wed, 08 Aug 2007 13:27:54 GMT

Brad - I do not see how your goal is Server-Side Redirection.

You want to rewrite URLs between two different websites, which is Server-Side Forwarding.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

brad.eckrose@gmail.com — Wed, 08 Aug 2007 18:07:14 GMT

David,

Per your taxonomy:

"Server-Side Redirection - The server transparently rewrites the request URL to another URL which remains on the same website as the original."

If I understand what you mean by "remains on the same website as the original" as the URL in the address bar does not change, then this is what I want.

Let me rephrase the proposition this as:

http://publicserver.com:mapport#/mymap

must transparently redirect incoming requests to:

http://privatedomain.internaldns.mymapserver:?80?/

and the user and more importantly, his browser, must still believe he is on:

http://publicserver:mapport#/mymap

I believe the laypersons lingo for what I'm trying to do is "reverse proxy" where the proxy device is the only device with a public ip address and direct access to the outside internet -- and it also contains an private ip address on our internal network and can act as a sort of bridge.

Granted, I'm not a taxonomist, and I'm new to isapi extensions and filters and web server and tcpip configuration on any platform. If you can point me to learning resources, I will refrain from re-asking questions here which may be better suited to another forum.

After rescanning the post history I see you've responded to "stian" in April 2006 which may contain some information that I have missed. I will continue digging.

--brad

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

rllaneis — Wed, 29 Aug 2007 04:50:22 GMT

i'm thinking of doing server-side forwarding, basically:

portal.mycompany.net/1234 -> apps.mycompany.net (on a different machine), where the client still sees "portal.mycompany.net/1234"

these sites are behind ISA, do i need to publish apps.mycompany.net or will the portal.mycompany.net publishing rule will suffice?

i have yet to start this, so i'm open for suggestions and changes, the goal is that the client access our portal site and click on a link inside it that will redirect them to our apps site without knowing so, meaning the url is still the portal site link (e.g. portal.mycompany.net/1234)

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Dale Leonard — Wed, 29 Aug 2007 19:37:46 GMT

I've been banging my head over this one for a few days.

I have a customer that is trying to make sure http://domain.com 301 redirects to http://www.domain.com

They have some ASP pages and some such.

Dale

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

steven swink — Thu, 30 Aug 2007 17:32:25 GMT

I'd like to accomplish something similar to Myspace's vanity url. i.e. www.thissite.com/username. I'd like for users to use a vanity url to access thier dynamically generated web page without changing the url in the browser. When a user requests the page www.thissite.com/username, I need to run some code that will parse the username (I guess using GET or similar), match the username to a database entry that holds specific information about that user's page (myspace) and build the corresponding HTML. Is this possible with a ISAPI filter?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Sean — Wed, 26 Sep 2007 00:50:33 GMT

So how do you do it? I want to map http://domain.com/file.pdf to http://domain.com/my_fancy.asp

That is easy to do in java but how do you do it in IIS 4?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

drupal — Fri, 28 Sep 2007 02:47:15 GMT

Here is another way to Redirect www to non www version of site

Options +FollowSymLinks

RewriteEngine on

RewriteCond %{HTTP_HOST} .

RewriteCond %{HTTP_HOST} !^example\.com

RewriteRule (.*) http://example.com/$1 [R=301,L]

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

André — Wed, 17 Oct 2007 11:59:55 GMT

I have a domain called www.lomas21.es

The real stuff is located in www.solicon.com.es/lomas21/.

On the server www.lomas21.es is masked forwarded to www.solicon.com.es/lomas21/

Everything was working just fine... BUT...

When I started to use AJAX it only works nice when the URL www.solicon.com.es/lomas21/ is used. From www.lomas21.es the nice AJAX interface does not work. It rewrites the whole page!

To understand me: go to the URL´s and click "Cinturones"

Can somebody give me the solucion? I am really lost for 2 weeks now...

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Steve — Mon, 03 Dec 2007 23:28:26 GMT

David,

For server-side redirection, can you talk to the choice of ISAPI filter versus ISAPI extension? Am I right in thinking that they are very similar but that the filter is site-wide whereas the extension can be different on different virtua directories within the site>

Thanks for a great site.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Johan — Thu, 06 Dec 2007 23:53:54 GMT

Hi David,

Currently working with CMS which also implements isapi filters. My problem is this: cms has a little bug, if you put yout URL as http://server/cultures/en-us/site the request fails as there is no trailing / (should read http://server/cultures/en-us/site/ )

What i was thinking is creating a filter that adds the / if it was omitted. Then, add my filter above cms filter.

I used getHeader, do my check and add a "/" if required, then setheader my new url. That part works, the problem is the site loads but cms filters werent applied (its almost that after my filter finishes it skips over the rest of the filters in the isapi list in iis.)

Any ideas? iis 6.

Thanks, Johan

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Steve — Tue, 11 Dec 2007 01:50:03 GMT

David,

First my environment is IIS6.0 and ASP.NET 2.0.

Let's say that I have a request come in "appl.aspx?someparams" and I want to redirect that to "somepage.special" to be handled by whatever ISAPI extension is configured to handle ".special", then how can I do this? Maybe the "somepage.special" came from a database lookup.

I looked at a HttpModule in the ASP.NET pipeline capturing the authorizeRequest event (I have forms authentication and url authorization in place) and doing it from there using the request.redirect method. That gets me client side redirection.

But what if I don't want to go back to the client, what if I want server-side redirection (but from within ASP.NET), that is, I want to go back to the top of the ISS processing sequence (or at least before where it is picking the ISAPI extension to process the request)?

I thought that calling server.execute or server.transfer might do it, but from what I've read, it can only do this for another ASP.NET page (e.g. to "somepage.aspx" and not to "somepage.special").

What are your thoughts on this?

Thanks.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Steve — Tue, 11 Dec 2007 01:50:06 GMT

David,

First my environment is IIS6.0 and ASP.NET 2.0.

I thought that calling server.execute or server.transfer might do it, but from what I've read, it can only do this for another ASP.NET page (e.g. to "somepage.aspx" and not to "somepage.special").

What are your thoughts on this?

Thanks.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Josh — Thu, 27 Dec 2007 17:44:14 GMT

For all redirection and url rewriting stuff, I use IIS Mod-Rewrite

http://www.micronovae.com/ModRewrite/ModRewrite.html

It's a must have tool on every IIS server. But since it's compatible with Apache's mod_rewrite, I guess Microsoft will never adopt such Apache style functionality.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Mon, 31 Dec 2007 11:47:11 GMT

Josh - I'm not certain why you think that Microsoft will never adopt Apache style functionality. Microsoft is not obtuse to ignore good ideas -- remember "embrace and extend"?

For example, IIS7 takes the best of Apache and improves on every aspect:

- Completely customizable core request engine - similar to Apache. Complete modularity improves security, reliability, control.

- Completely customizable, schematized, and performant distributed configuration system - better than Apache because it's good enough to be on-by-default, while no one turns on .htaccess if they cannot accept its performance penality

- Completely customizable, extensible UI which plugs with the core and distributed config - superior to Apache without add-ons.

Does IIS7 currently lack the breadth of modules of Apache? Absolutely. But IIS7 has all the right ingredients and support to surpass Apache, and all the Netcraft (etc) numbers support it.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

IT programmer — Fri, 04 Jan 2008 22:21:14 GMT

Alot of reading here with no real answers

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sun, 06 Jan 2008 14:19:37 GMT

IT programmer - unfortunately, that is by-design. You can read my BIO for the details.

There are plenty of people and places to swap code snippets or answers and you should go there if that is your intent.

If you want to know how something works such that you can help yourself, this is the right forum because it is my intent to help you.

If you just want quick answers to questions on how to do something to resolve an issue, sorry, that is not my intent and my blog will not be useful in that manner.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

QED — Thu, 10 Jan 2008 03:08:42 GMT

Good material, there is no school like old school.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Paul B — Wed, 23 Jan 2008 11:40:39 GMT

Hi David,

I'm a bit new to this re-direction game so please forgive me if I am bing a bit thick. I have a bit of a problem that I am hoping you might be able to help me with. We need to set up a Web Site in IIS with its own server certificate. I then need this sites to forward to a single internal URL. When we set up a helloworld.htm in the web site, and browse to it we can see that the certificate is being "presented" to the client browser. I thought that all we needed to do was create a default.asp to do a response.redirect to the internal web site and the client browser will be re-directed but will be presented with the certificate first, but that does not seem to be the case. Is there a simple way to redirect to an internal http page from an Https external page with the certificate still being presented to the client?

Paul

We have a site that a company wishes to use, however out site is developed for a number of customers. The site is the same, but the company wishing

We are hosting an ebXML message handler for a number of companies which are all communicating with one single company.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Paul B — Wed, 23 Jan 2008 11:47:54 GMT

Hi David,

Please ignore the ramblings at the bottom of the last post, bit of a cut and paste crisis

Paul

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Arijit Upadhyay — Thu, 24 Jan 2008 21:19:34 GMT

Mass Shared Hosting on Windows with IIS6 - http://blogs.msdn.com/david.wang/archive/2005/09/26/HOWTO_Mass_Shared_Hosting_on_Windows_with_IIS6.aspx - Posted on Monday, September 26, 2005

Is the solution still valid? Because I cannot seem to find the "ISAPI Filter or ISAPI Extension rewrite the URL based on the Host header" on their website - http://www.microsoft.com/serviceproviders/solutions/windowsbasedhosting.mspx

Has it been removed in Version 4.5?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sun, 27 Jan 2008 09:59:22 GMT

Paul B - You should use ISA Server 2006 for this task. It will do SSL Endpoint termination and HTTP routing.

You want to do "Server Side Forwarding" (SSL is irrelevant to the discussion since it happens before HTTP, which is where the redirection happens). That requires a reverse proxy add-on module.

You tried "Client Side Redirection" with response.Redirect

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sun, 27 Jan 2008 10:15:29 GMT

Arijit - the ISAPI Filter is part of the hosting solution. You will not find a link to just download.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Gary — Tue, 05 Feb 2008 15:17:27 GMT

Hi David,

Thanks for allowing me to ask a question. On my IIS webserver, sometimes the IP address is displayed in the URL, i.e. http://100.100.100.100/dir instead of http://www.domain.com/dir. Is it possible to have some re-write on this, or do the re-writes normally exclude the domain part of the URL.

Many thanks in advance for any advice you can offer.

Gary

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Paul B — Thu, 07 Feb 2008 12:29:24 GMT

Hi David,

Thanks for the reply but I don't think we can use ISA Server 2006. We have one IP address, which I need to share between a number of our customers, each of which have their own certificate. You can only set up an ISA Server Web listener to listen on one IP address (unless you know different), and we have a domain name, e.g. https://www.mymainDomain.com pointing to that IP address. I believe you can only have one certificate for each listener. Because of this limitation, we thought that for each customer they can put their company name at the end of the URL, e.g. https://www.MyMainDomain.com/company1, www.MyMainDomain.com/company2, ...etc, and we have set up an SSL tunelling rule to pass requests stright to our IIS. IIS will have a seperate web site in IIS each with their own certificate so that the supplier is presented with the correct certificate for the customer (we have tested this and this seems to work). Each of these URLs then need to be forwarded on the server side to another single internal URL, e.g. http:\\internalserver\AnotherWebPage, but we want the customer not to see this URL, as far as they are concerned we need them to think they are POSTing to https://www.MyMainDomain.com/company1. Its the forwarding the request to the internal site that we are stuck on

Is it possible to do this?

Paul

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Yunus — Tue, 19 Feb 2008 14:23:42 GMT

How to set url dummy @total application execution

yunus.b@sqlstar.com

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Yunus — Tue, 19 Feb 2008 14:25:43 GMT

How to set dummy url @ runtime application execution in ASP.Net

Regards

YUNUS

yunus.b@sqlstar.com

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Wed, 20 Feb 2008 18:13:04 GMT

Paul B - You want Server Side Forwarding, which is certainly possible on IIS but you will have to purchase or find an ISAPI Filter to do it.

I do not believe your scheme to multiplex multiple SSL Certificates over one external IP/Port works. Certainly not for certificates that look like companyA.com and companyB.com. It can work for certificates that look like companyA.MyMainDomain.com and companyB.MyMainDomain.com

The "Magic" is in your tunnel rule that appears to magically know to route https://www.MyMainDomain/company1 traffic to an internal IIS website with its own SSL certificate for company1. Tell me how can the tunnel figure out the URL to tunnel SSL traffic to the correct IIS website when it is encrypted? And if it doesn't figure out the URL, IIS certainly has no way to figure out which website (and server certificate) is supposed to be used.

Anyways, you can use ISA Server in place of the internal IIS server to do the reverse proxying task that you wan.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Wed, 20 Feb 2008 18:15:40 GMT

Gary - fix your web pages to not give the IP. And don't use IP address in as your hostname or redirection hostname.

You never want to have code that is rewriting your outbound request looking for 100.100.100.100 to rewrite to domain.com. That would just kill performance and scalability.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Dave — Fri, 07 Mar 2008 06:40:47 GMT

David, I am your alter-ego looking for a point in the right direction. I've done hardware for many years and plenty of admin, but coding is "magic." I'm tryin' tho.

In short, I've got an IIS server and an edge server on one subnet and Exchange 2007 (hub, mailbox, CAS) on another. As I understand your article, I need Server-Side Forwarding, but I've never done it before and don't know where to begin.

Any references you'd like to share?

I hope it will lead to a better understanding of your other articles. . .

Thanks,

Dave

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

ken — Wed, 12 Mar 2008 01:42:10 GMT

Thanks for your guide but... sorry I can't resist:

"Actually, Apache "core" does NOT perform ANY sort of redirection. You need to install and configure add-on modules like mod_redirect to get Client-Side Redirection, mod_rewrite to get Server-Side Redirection, and mod_proxy to get Server-Side Forwarding. So, the ability to redirect is NOT built-in"

Apache on ubuntu linux:

1) open terminal

2) write: sudo a2enmod rewrite

3) mod rewrite installed and working

No more than 10 seconds.

And as far as I know, software modularity is an advantage, instead of a disadvantage.

Come on David, I believe you can find a better way to defend iis against apache.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Fri, 14 Mar 2008 14:40:26 GMT

ken - actually, I am not saying anything about modularity nor "defending"

My point is simple -- if you want to compare two web servers, compare apples to apples.

People tend to treat mod_rewrite, mod_proxy, etc as indistinguishable and fundamental part of Apache when you and I know that they are simply add-on modules which are often bundled together in various combinations on various distros.

These same individuals then complain that IIS does not have mod_rewrite, mod_proxy, etc -- and thus Apache is superior.

Uh, no... compare apples to apples. If you install add-on equivalent of mod_rewrite, mod_proxy, etc onto IIS, it is just as capable as Apache. Their argument holds no water, in my opinion.

I compare IIS and Apache closer to how Apache core developers view the world -- web server core to web server core. And here's my fact -- I know that comparing IIS6 core to Apache 1.x core and 2.x cores, the comparison is a wash -- but IIS7 web server core just runs circles around apache 1.x and apache 2.x core.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Fri, 14 Mar 2008 15:20:46 GMT

Dave - think of another way to expose the CAS server to the other subnet. If they two subnets are truly supposed to be separated, use ISA Server 2006 to bridge them. If they are not supposed to be separated, then what's wrong with your network topology?

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Gregg — Tue, 25 Mar 2008 21:14:44 GMT

We have recently switched to a 'canned' web server, and now calls to the root (http://www.sitename.com) get redirected via 302 to http://www.sitename.com/dir/homepage.asp?Check=1. Why is their server treating it as a 302 (and adding the 'Check' variable) and not just displaying the /dir/homepage.asp without rewriting the url? Documents tab has dir/homepage.asp set as the 'default content page', and there are no ISAPI filters, no custom HTTP headers for the site. There is a load balancer up front, but the results appear to be coming from IIS:

Tested at 3/25/2008 6:11:35 PM / from 74.8.161.66:

URL=http://www.sitename.com

Result code: 302 (Found / Moved Temporarily)

Date: Tue, 25 Mar 2008 18:11:36 GMT

Server: Microsoft-IIS/6.0

Location: http://www.sitename.com/dir/default.asp?Check=1

Content-Length: 177

Content-Type: text/html

Set-Cookie: ASPSES...

Cache-Control: private

New location: http://www.sitename.com/dir/default.asp?Check=1

URL=http://www.sitename.com/dir/default.asp?Check=1

Result code: 200 (OK / OK)

Date: Tue, 25 Mar 2008 18:11:36 GMT

Server: Microsoft-IIS/6.0

Content-Type: text/html

Set-Cookie: ShopperID=D67...

Cache-Control: private

tia.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sat, 19 Apr 2008 07:33:32 GMT

Gregg - No IIS feature ever adds the Check=1 querystring

Thus, it looks like you are seeing 302 redirection made by custom code running on IIS. This is either from:

1. Default Document at http://www.sitename.com

2. *-scriptmap applicable at http://www.sitename.com/

3. ISAPI Filter, either Global or per-website

4. User-configured HttpRedirect at http://www.sitename.com/

5. Networking layer between IIS and browser

You will have to find the custom code and change its behavior.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Morris — Thu, 05 Jun 2008 05:06:22 GMT

http://en.wikipedia.org/wiki/Reverse_proxy has a great discussion about forwarding requests and includes recent links for products that serve the purpose (perhaps biased - it is missing ISA and ISAPIrewrite...).

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Flank — Wed, 09 Jul 2008 06:32:37 GMT

"Where things differ is availability" uhhhhh - should it read: If its not available then its no use for the user?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sun, 13 Jul 2008 14:48:36 GMT

Flank - Not really. I am pointing out that IIS is no less capable than Apache, including add-on behavior.

The difference is the availability of the add-on -- Apache tends to be bundled with a bunch of different modules activated, whether you want it or not, while IIS comes locked down and requires choices that tend to require money in return for support.

Both usage models have their suitable niche. The key difference is the availability of the add-on.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Armando — Tue, 15 Jul 2008 19:51:27 GMT

Hi David, cheers for your paper and posts. They have opened my eyes in the world of URL redirect.

I have a location A (www.domain.com/virtual_directory) that I want to redirect to a location B (100.200.300.400/virtual_directory), and I do not want the end-user to see the IP, I want the user to see the location A in the address bar.

While I am looking for the solution, I am doing clint-side redirect directly with IIS through it's core function "A redirection to an URL", but the problem is that the URL in the address bar shows the IP address that I redirected to from the location A.

What I want to accomplish is a server-side redirect that when the end-user enters location A (www.domain.com/virtual_directory) the user is redirected to the location B (100.200.300.400/virtual_folder) located in another server, and keep the location A (www.domain.com/virtual_directory) in the address bar.

Any help with this regard will be appreciated.

Thanks in advance.

Armando

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

sharlyne — Wed, 30 Jul 2008 23:31:31 GMT

Hi David. I'm new to IIS and found your post interested. I have been reading several sites to try to redirect site.com/page.asp?id=1 to www.site.com/page.asp?id=1 and have come to a stump. I want the user to see www.site.com/page.asp?id=1 in their address bar so I believe I need server-side redirection.

I have been reading the MS support documents on setting redirection in the IIS to a website, but it doesn't redirect the "?id=1" portion of the url. I've tried the different syntax in the redirect $q $v etc, but none of it works. for example, with the redirect url of http://www.site.com$v$q if I submit site.com/page.asp?id=1 I will get the page http://www.site.com/page.asp?id=1/page.asp.

If I leave out the syntax $v$q, then I just get http://www.site.com/page.asp. What am I missing?

Could you point me in the right direction? I see my question is similar to Armando. I have also done what he had in IIS.

Thanks,

Sharlyne

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sat, 02 Aug 2008 23:47:15 GMT

sharlyne - If you want site.com and www.site.com to go to the same website, then you do not want to setup redirections.

Just setup www.site.com and site.com as Host headers in your IIS website.

Then change the DNS record to make both www.site.com and site.com point to your IIS webserver.

Your question actually is not similar to Armando, who wants to mask the redirection. You want to have both hostnames point to the same content.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

ROY — Tue, 05 Aug 2008 10:29:43 GMT

Hi David ..

I want to make a redirection like this

the user request

www.****.com/icon.aspx?m=*

he will get the file in url

www.****.com/icon/*.gif

Is this possible ? And How?

thanks>

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

wolf — Wed, 03 Sep 2008 15:15:19 GMT

Microsoft should make it easy to redirect HTTP to HTTPS in IIS

Apache has done it many years ago.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

BK — Mon, 15 Sep 2008 18:23:10 GMT

"Get ready for this index to be updated with links..."

OK, it's 3 years later and you haven't updated the links.

Too bad, it would have been a helpful article.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Thu, 18 Sep 2008 05:39:12 GMT

BK - Sorry. I just ran out of time since publishing the blog entry. I have a lot of other, often competing interests. You may want to spend a little more time and figure it out because the clues are everywhere.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

prasad yalamanchili — Thu, 18 Sep 2008 09:58:24 GMT

Hi David,

We have two urls http://portal.k2.com/portal/server.pt and http://bizz1.k2.com/portal/server.pt being hosted from the same website or one virtual directory. When the user enters either the first url or second url we need to prepend portal/server.pt to the respective url and also change http mode to https mode when making the actual call. I guess this is a basic redirection using response.redirect but how to do this for two different url's for the same website (Same IP Address and same virtual folder name and actual folder content). Greatly appreciate your wonderful input in this regard. IIS 6.0, Windows 2003. Thanks a lot for your time.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

andri sofiyab — Wed, 24 Sep 2008 05:54:12 GMT

Can you update this article with a HOWTO on exposing http://internal via http://external (IIS) by SQUID?

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

tommy9un — Tue, 30 Sep 2008 22:12:24 GMT

I hope my comments do not go against the spirit of this post. But I do have a question and maybe someone can help me as well. There are many reason for redirecting or forwarding requests. Each has its own tools:

ARR for IIS 7

ISA

ISAPI Rewrite lite and full (includes proxy module)

Site and Virtual folder redirect

Wild card redirect

HTML meta tags

etc

The above is not meant to be a comprehensive list but illustrate the some of the tools that I've looked at. I can't seem to find the right mix to solve my problem. My issue is that I need

1. ISA to filter the request - web server publishing

2. IIS_1 to server the static file - published site from ISA

3. IIS_1 should forward dynamic content requests to IIS_2 - IIS_2 is invisible from ISA

4. IIS_2 is the only server in the stack that has the .Net engine and can make DB connection

There are several ways to classify N-tier application. For my purpose, I say I need to have three tier app: ISA, IIS1, IIS2. There is also a user and a DB cluster. This is a generic .Net hosting env that we are building for all MS & .Net apps. They way we plan to scale this env is by increasing the number of app servers (IIS_2 in this example) leaving the first to tier pretty constant.

Ok, if I had IIS7, I think I would be using ARR for this. But I only have IIS 6 and I can't find a way to do this correctly. This should be pretty much textbook stuff. But it seems everything I read just talks about redirecting request. In contrast, I am looking to build a hierarchy to separate static and dynamic content to servers on different tiers. Those from the java world will probably recognize this as Apache with Websphere plug-in or iPlanet-Weblogic combo.

Not only do the requests have to be hierarchical, but they also need to be application aware. Meaning that session cookies, authentication, and etc have to be preserved and passed on through to the last server in the chain. Oh, and I want to be able to do some end of month reporting and audit of the http logs.

Anyone? Help?!

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

rtait — Wed, 01 Oct 2008 01:08:22 GMT

David,

I am writing an ISAPI Filter where I redirect all user requests to a login page. I am using the SetHeader() method to set the "url" header. I am also creating another custom header that I intend to use in the login page. This is working, but I have one problem. I would like the address that appears in the login page address bar to be the actual login page address. Currently, it is showing up as the address of the originally requested page.

I tried solving this by doing a ServerSupportFunction("302 redirect"), in the ISAPI Filter, but that doesn't retain my custom header.

Thanks, in advance, for any help you can provide.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Thu, 02 Oct 2008 06:20:11 GMT

rtait - You want the 302 redirect to transfer state (the value of the custom header) to the Login Page.

Have the 302 Redirect send the value of the Custom Header as a querystring parameter to the Login Page.

You cannot use Custom Headers to hide the value from the user because Browser is doing the redirect and browsers do not send custom headers.

Depending on the redirect, you may be able to Set a Cookie with the value of the Custom Header and have the browser send the Cookie (since it belongs to the same Domain) to the Login Page.

All other choices involve implementing custom protocol over XMLHTTP and is no longer HTTP itself.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

rtait — Thu, 02 Oct 2008 20:02:12 GMT

David,

Thanks for the info. I understand your explanation.

I really don't want to use a querystring.

Can you elaborate on your idea regarding setting a cookie? I did try setting the "cookie:" header, but like you said the browser is doing the redirect - so that doesn't work.

Thanks gain.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Mon, 06 Oct 2008 05:54:39 GMT

rtait - From the server side, you should be using "Set-Cookie:" response header to set a cookie. Depending on the domain of the cookie being set, the browser may then choose to send the "Cookie:" header on its request to your redirected Login page.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Andre Alexanian — Tue, 30 Dec 2008 21:48:25 GMT

David, can you answer prasad yalamanchili's question from September 18, 2008 2:58 AM, I have the same problem.

Thanks!

//Andre

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Brent Cranmer — Fri, 09 Jan 2009 20:24:43 GMT

Our organization has gone through a name change from domain A to domain B. We have an application (app1) that has always been accessed on https. I need to cut the application over to the domain B URL and want to know if there's a way to do the following redirect:

https://app1.domainA.com to https://app1.domainB.com?

Our users have the old https URL bookmarked as we never had a redirect for http:// setup. Obviously I want to minimize impact to the users and not have to depend upon them to update their bookmarks to be able to continue to access app1.

Thanks,

Brent

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sat, 10 Jan 2009 10:46:41 GMT

Brent - just set up HTTP Redirect on the website for app1.domainA.com to send redirection to https://app1.domainB.com

HTTP Redirect supports other parameters on the redirection as well. Only thing that won't work is a POST request to app1.domainA.com - browsers will not transparently re-POST to app1.domainB.com

You want to use HTTP 301 Permanent Redirection to transparently push the transition. Then, you can stop paying money to keep the domainA.com registered and a website running to redirect for it.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Colleen — Fri, 16 Jan 2009 21:14:17 GMT

Hi David,

I am new to this environment and need a little help.

Currently we have several websites within our company, an advertisement has gone out without the www in front of our website. The business would like to modify our IIS to allow for both entries. One using the www.whatever.com and one using whatever.com. I thought this would be easy enough... I've tried it two ways...

ONE...

I went into the IIS properties of the current website and added another host header name - website minus the www.

TWO...

I tried adding another website called for example... whatever.com. once this was created I went into the properties and Home Directory - clicked "A redirection to a URL" and entered the full web address... including the www.. so I would have entered www.whatever.com...

Neither one of these are working... Do you have any ideas on what I am missing within these steps???

Any help would be greatly appreciated.

Thanks so much

CFC

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David.Wang — Sat, 17 Jan 2009 06:52:54 GMT

Colleen - What you are missing is outside of IIS configuration. Make sure DNS is setup correctly to resolve both website with and without www. to your web server.

Both of your actions should work. First option allows user to browse the website with and without www. and wouldn't notice the difference. Second option would make all users would did not type www. redirect to see in their URL location bar the www. hostname.

//David

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Steve B — Thu, 05 Feb 2009 23:45:18 GMT

Hi David,

I have a group that uses IIS 6 on Win 2003 EE with SP2. The have a main DNS entry research.university.edu registered to an host and IP which works just fine and has only a single site being hosted. So there is a default page non-ssl. We have added another environment on another server with a new hostname and IP same server type and O/S. What they want is to have some sort of rewrite that will allow clients to get to either environment but disply the research.university.edu link back to the browser. Is this possible?

Example: research.university.edu\research would keep the client on the existing box, no problem. But if a client should choose the second environment from the default page it has to go to another server, but they want to the client to see research.university.edu\enviornment2 in the URL display on the browser, yet I don't think it is possible.

Since they didn't consider this when archieteching this years ago there is a lot of code and e-mail that they don't want to change so now I have to find them the mythical unicorn.

Can I do this with mod_rewrite?

Any help would be aprreciate, my eyes are bleeding from all this reading and I am confused.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

John G — Fri, 06 Feb 2009 19:03:02 GMT

This blog doesn't say anything about anything. It has been going for three years and there is nothing in here. It needs to be deleted so it doesn't show up on the search engines.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Aldo M — Tue, 10 Feb 2009 17:44:54 GMT

Hi David

Our company web server is used to serve data through port 443 - SSL with a certificate installed and running fine - at https://companyname.com (443). http://companyname.com (80) on that same server is currently not serving pages.

We would like to have a web site outside our company at http://companyname.net (not .com). Is it possible to redirect only port 80 traffic to a different IP address/web site?

Any help would be appreciated.

Thanks so much for a great article.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

govind — Wed, 18 Mar 2009 08:57:43 GMT

Great article ...very help contents....thanks buddy....you simply rocks...!!!!!!!!!

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

fkinuselessarticle — Mon, 23 Mar 2009 18:16:56 GMT

u suck with ur article and ur fkin ego

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

rob merritt — Wed, 24 Jun 2009 22:48:39 GMT

Hi I am trying to redirect a url

https://gscsmail.gscs.sk.ca/exchange

https://gscsmail.scs.sk.ca/exchange

to avoid purchasing a 2nd cert

the code I have will repoint to the new contect however the URL remains the same and I still get barked at by the cert. I am trying to get this to act like mod_rewrite in apache (you'd think MS would have a tool to do this)

code:

// REDIRECTOR.CPP - Implementation file for your Internet Server

// redirector Filter

#include "stdafx.h"

#include "redirector.h"

///////////////////////////////////////////////////////////////////////

// The one and only CRedirectorFilter object

CRedirectorFilter theFilter;

///////////////////////////////////////////////////////////////////////

// CRedirectorFilter implementation

CRedirectorFilter::CRedirectorFilter()

{

}

CRedirectorFilter::~CRedirectorFilter()

{

}

BOOL CRedirectorFilter::GetFilterVersion(PHTTP_FILTER_VERSION pVer)

{

// Call default implementation for initialization

CHttpFilter::GetFilterVersion(pVer);

// Clear the flags set by base class

pVer->dwFlags &= ~SF_NOTIFY_ORDER_MASK;

// Set the flags we are interested in

pVer->dwFlags |= SF_NOTIFY_ORDER_HIGH | SF_NOTIFY_SECURE_PORT | SF_NOTIFY_NONSECURE_PORT

| SF_NOTIFY_PREPROC_HEADERS | SF_NOTIFY_END_OF_NET_SESSION;

// Load description string

TCHAR sz[SF_MAX_FILTER_DESC_LEN+1];

ISAPIVERIFY(::LoadString(AfxGetResourceHandle(),

IDS_FILTER, sz, SF_MAX_FILTER_DESC_LEN));

_tcscpy(pVer->lpszFilterDesc, sz);

return TRUE;

}

DWORD CRedirectorFilter::OnPreprocHeaders(CHttpFilterContext* pCtxt,

PHTTP_FILTER_PREPROC_HEADERS pHeaderInfo)

{

char buffer[256];

DWORD buffSize = sizeof(buffer);

BOOL bHeader = pHeaderInfo->GetHeader(pCtxt->m_pFC, "url", buffer, &buffSize);

CString urlString(buffer);

urlString.MakeLower(); // for this exercise

if (urlString.Find("gscs.") != -1) //we want to redirect this file

{

urlString.Replace("gscs.","scs.");

char * newUrlString= urlString.GetBuffer(urlString.GetLength());

pHeaderInfo->SetHeader(pCtxt->m_pFC, "url", newUrlString);

return SF_STATUS_REQ_HANDLED_NOTIFICATION;

}

//we want to leave this alone and let IIS handle it

return SF_STATUS_REQ_NEXT_NOTIFICATION;

}

DWORD CRedirectorFilter::OnEndOfNetSession(CHttpFilterContext* pCtxt)

{

// TODO: React to this notification accordingly and

// return the appropriate status code

return SF_STATUS_REQ_NEXT_NOTIFICATION;

}

// Do not edit the following lines, which are needed by ClassWizard.

#if 0

BEGIN_MESSAGE_MAP(CRedirectorFilter, CHttpFilter)

//{{AFX_MSG_MAP(CRedirectorFilter)

//}}AFX_MSG_MAP

END_MESSAGE_MAP()

#endif // 0

///////////////////////////////////////////////////////////////////////

// If your extension will not use MFC, you'll need this code to make

// sure the extension objects can find the resource handle for the

// module. If you convert your extension to not be dependent on MFC,

// remove the comments arounn the following AfxGetResourceHandle()

// and DllMain() functions, as well as the g_hInstance global.

/****

static HINSTANCE g_hInstance;

HINSTANCE AFXISAPI AfxGetResourceHandle()

{

return g_hInstance;

}

BOOL WINAPI DllMain(HINSTANCE hInst, ULONG ulReason,

LPVOID lpReserved)

{

if (ulReason == DLL_PROCESS_ATTACH)

{

g_hInstance = hInst;

}

return TRUE;

}

****/

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Doug — Wed, 05 Aug 2009 14:10:46 GMT

David, spot the similarity:

http://umakanthn.blogspot.com/2006/05/url-redirection-basics-for-iis.html?showComment=1249470563587#c5590832175879454994

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Javier — Thu, 10 Sep 2009 21:07:08 GMT

Hello, this is my case: I have a URL www.nametoolong.com and I have another URL www.ntl.com which is an easy url for the visitors to remember. Now when someone comes thru the short url and I do a redirect to my regular long url I know I'm losing session info and some other stuff. Is there a way to redirect/formard the short url to the long one? i.e. when I type www.ntl.com/promo and hut enter I would like to load www.nametoolong.com/promo ... many thanks for the help!

Javier

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Kirrin — Fri, 25 Sep 2009 20:52:54 GMT

Don't want to seem silly here, but did I miss the actual HOW-TO? I do not see any instructions on how to get this done. What I would like to do (based on your taxonomy), is server-side redirection or http://external to http://internal, with the external never changing. I however do not see your instructions on getting this done.

Could you please point me to where the instructions actually are?

I would really like to have a look at your instructions as I'm required to implement this soon. Much appreciated.

Thanks.

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

kyle — Fri, 16 Oct 2009 08:35:26 GMT

hi,david

in method OnUrlMap,

pCtxt->ServerSupportFunction(SF_REQ_SEND_RESPONSE_HEADER, "403 Forbidden", NULL, NULL);

return SF_STATUS_REQ_FINISHED;

it work well in IIS 6.0, but in IIS 7.0, i receive page like HTTP/1.1 403 Forbidden, [HTTP/1.1 403 Forbidden] this content show in the page, could you give me some advice? please send me email: cothly@hotmail.com

thank you in advance!

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

David Hazar — Thu, 12 Nov 2009 06:20:38 GMT

Here is a tutorial I wrote with specific examples on how to set up server-side IIS redirection. Examples include redirecting Exchange to SSL and redirecting with Parameters.

<a href='http://davidhazar.blogspot.com/2009/11/iis-makes-website-redirection-easy.html'>http://davidhazar.blogspot.com/2009/11/iis-makes-website-redirection-easy.html</a>

re: HOWTO: Common URL Redirection Techniques for IIS, Summary

Robert — Thu, 10 Dec 2009 17:05:57 GMT

I would greatly appreciate assistance.

We have only one server running windows 2008 server, and exchange 2010 server, and apache.

When we type in the URL www.mydomain.com, IIS does not transer it to port 8080 (Where Apache is configured to listen to), and you get the following error "403 - Forbidden: Access is denied.". if you type in the browser www.mydomain.com:8080, everything works.

What needs to be configured to allow incoming HTTP to be forwarded to port 8080?

Any guidance or links to solve this would help.

Thanks in advance