Join Log in
Score:-1
moosearch avatar Server

IIS Redirect - Hostname to Alias with only HTTP Redirect

ru flag
moosearch

I have a Windows 2016 server (FQDN: server1.domain) in an Active Directory domain. I am hosting intranet web apps in IIS.

I recently got an alias (FQDN: CoolName.domain) for that server created in the DNS. TLS certificates were generated by the internal certificate authority. Within IIS, I bound port 443 to hostnames CoolName.domain and CoolName with the certificate.

I want to be able to redirect my existing apps from the old domain (ie. server1.domain/app1) to the alias (ie. CoolName.domain/app1) whenever people type in the old domain. Also force HTTPS if they're using HTTP.

My attempt was using the HTTP Redirect module at the server level within IIS Manager and filled out the following:

  1. Redirect requests to this destination: https://CoolName.domain

  2. Redirect behaviour: Checked Redirect all requests to exact destination (instead of relative to destination)

  3. Then pressed apply.

An image reference of the options I did: https://i.stack.imgur.com/vgPld.jpg

When I visit the following links, they failed to redirect:

http://server1

http://CoolName

http://CoolName.domain

Only http://server1.domain ended up redirecting to https://CoolName.domain.

As soon as I tried redirecting any url that went beyond the domain, like http://CoolName.domain/app1, it doesn't redirect. I tried unchecking the box for Redirect all requests to exact destination (instead of relative to destination) in #2.

Is my requirement possible to do with only HTTP Redirect?

611
1 + 4
iis
Lex Li avatar
vn flag
Lex Li
Consider that setting can be set a various level (machine/site/application), you will have to show a complete screen shot to reveal where exactly you set it. Besides, people really should study URL Rewrite module in 2023 to perform URL manipulation in all kinds of scenarios, not HTTP Redirect module.
0
Reply
moosearch avatar
ru flag
moosearch
@LexLi I had it set at the machine/server level when I did my testing. I'll consider the URL Rewrite module if I can't do it with HTTP Redirect - Getting that module approved (or anything) for usage in the work environment is a bit of a pain so I looked at this solution first.
0
Reply
Lex Li avatar
vn flag
Lex Li
Weird if you set it on machine/server level, but FRT should reveal more about those URLs that do not redirect, https://learn.microsoft.com/en-us/iis/troubleshoot/using-failed-request-tracing/troubleshoot-with-failed-request-tracing You need to trace 200-999 status code responses so as to track all incoming requests and how they are processed.
0
Reply
moosearch avatar
ru flag
moosearch
@LexLi I ended up following this answer in this post here and it did what I wanted to do: https://stackoverflow.com/a/49460688 . I realized I didn't mention the "Too many Redirects" error in my initial post and I apologize for that. This should get me going while I actually get URL-Rewrite approved for usage in my workplace though - It would have been a trivial task for what I wanted to do... The FRT was a nice tool for tracing though - thanks for that.
0
Reply
Score:0
moosearch avatar Server
ru flag
moosearch

I neglected to mention in my initial post that I was receiving errors pertaining to "Too many HTTP Redirects". Turns out enabling HTTP Redirect AND redirecting to the SAME website (even with a different alias) will endlessly redirect. Apparently IIS isn't smart enough to detect whether it was redirecting to the same domain or not. Go figure. I ended up solving my issue by following the instructions here: https://stackoverflow.com/a/49460688

To summarize: You are creating a dummy website and binding all the port 80 HTTP traffic through on that site on IIS, then you can redirect to HTTPS configured on your original IIS web site. To do so:

  1. The Default Web Site - Bind all HTTP traffic to a free port that isn't 80 (or you can remove the HTTP binding). Leave the HTTPS bindings alone.

For Default Website, change the HTTP binding to a different port or remove it.

  1. Create a new Web Site in IIS (RedirectSite): Bind all HTTP traffic to port 80.

Configure bindings to port 80 for the dummy site RedirectSite.

  1. Within the DummySite settings, click on HTTP Redirect. Check the box for "Redirect requests to this destination"; in the destination URL field, type in the full domain with HTTPS. eg. https://CoolName.domain. HTTP Code 301. No other boxes need to be checked since I wanted to redirect everything relative to the domain. Make sure you hit "Apply" to save your settings.

Step 3, configuring the redirect

  1. After applying the settings, wait for a few minutes for the changes to propagate if you're using Windows authentication. I had issues with authentication errors (HTTP 40x.x) when I tried the redirects. Clear your cache on your client browser before testing the links.

  2. Test. I ended up using the links as per my initial post:

http://server1

http://server1.domain

http://CoolName

http://CoolName.domain

These links should end up redirecting to https://CoolName.domain.

As a side note for both websites if applicable:

  • Ensure IIS_IUSRS and IUSR have read/execute permissions on the web site directories. Same with [Server_name]\Users

  • Double check that Windows authentication is configured correctly

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.