-1

I have been trying solutions for 6 hours to get this right but cannot find anything on either stack or microsoft's dev blogs. I am trying to force an HTTPS redirect from all external calls to my website while still going to the HTTP site when the website is accessed via an internal call, in this case by use of the IP address 192.168.8.68 in the URL bar of the browser. This worked perfectly until we installed an SSL certificate yesterday and implemented the following redirect rule:

<rule name="Redirect to HTTPS" patternSyntax="Wildcard" stopProcessing="true">
    <match url="*" />
    <conditions logicalGrouping="MatchAny">
        <add input="{HTTPS}" pattern="OFF" />
    </conditions>
    <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />
</rule>

What I would like to know is, how would i bypass this if the incoming IP Address has the form 192.168.8.*? Adding specific iPs in regex causes the website to fail to load with a "Too many redirects error". I have already looked at the following list of questions in an attempt to solve this problem:

https://forums.iis.net/t/1166994.aspx?Rewrite+Redirection+for+only+external+users

IIS 7.5 redirect certain requests to other server using ip address

IIS | Block page specific url except for specific internal IP address

https://docs.secureauth.com/display/KBA/Use+URL+Rewrite+for+IP+Restrictions

Two instances of the same Website on IIS with different web.config (two different databases)

Single Website Directory / Multiple IIS Websites (Multiple web.config files)

ZGC1
  • 55
  • 8
  • At least the fourth link shows how to add IP address related conditions, which answers your question. When some attempts did not work, learn FRT to debug, https://learn.microsoft.com/en-us/iis/extensions/url-rewrite-module/using-failed-request-tracing-to-trace-rewrite-rules – Lex Li Feb 19 '20 at 13:48
  • You are correct Lex, but what i should have mentioned is that that particular solution caused the website to crash due to too many redirects – ZGC1 Feb 20 '20 at 07:49

1 Answers1

0

You could use this rule to bypass the request from ip 192.168.8.*.

<rule name="Redirect to HTTPS" enabled="true" patternSyntax="ECMAScript" stopProcessing="true">
    <match url=".*" />
    <conditions logicalGrouping="MatchAny">
                        <add input="{HTTPS}" pattern="OFF" />
                        <add input="{REMOTE_ADDR}" pattern="192\.168\.8\.[0-9]+" negate="true" />
    </conditions>
    <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" redirectType="Permanent" />
</rule>
Jokies Ding
  • 3,374
  • 1
  • 5
  • 10
  • Hi Jokies. As mentioned in my comment on the question, this causes the website to fail to load as there are too many redirects involved. – ZGC1 Feb 20 '20 at 07:54
  • @ZGC1. Sorry, my bad. I forgot to modify "logicalGrouping",Please set the flag to – Jokies Ding Feb 20 '20 at 08:42