Some example rules to help you get started

Oct 24, 2008 at 4:43 PM
Edited Oct 24, 2008 at 4:55 PM
I am posting some rules that I have been able to successfully implement on my server.

# see http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html#rewriteflags for rewrite flags

RewriteEngine On
RewriteOptions MaxRedirects=5
RewriteLogLevel 0
RewriteLog "C:\inetpub\wwwroot\App_Data\rewrite.log"
RewriteBase /

# REQUIRE CORRECT URL FORMAT
RewriteCond %{HTTP_HOST} ^domain\.com$
RewriteRule ^(.*)$ http://www.%0$1 [R=301,L]

# REDIRECT TO LIVEFM
RewriteRule ^/lastfm-recenttracks\.(.*) http://ws.audioscrobbler.com/2.0/?method=user.getrecenttracks&user=dscoduc&api_key=123 [NC,P]

# BLOCK HOTLINKING
RewriteCond %{HTTP_REFERER} !^((http|https)://)?(www\.)?domain\.com/.*$ [NC]
RewriteRule \.(gif|jpe?g|png|bmp|js)$ - [F,L]

# BLOCK EMPTY USERAGENTS EXCEPT FOR THE IP ADDRESSES IN THE 2ND CONDITION
RewriteCond %{HTTP_USER_AGENT} !^.+$
RewriteCond %{REMOTE_ADDR} !^12\.34\.56\.78$
RewriteRule .* - [F,L]

# BLOCK BOTS/SPAMMERS BASED ON THEIR USERAGENT
RewriteCond %{HTTP_USER_AGENT} (sogou|baiduspider|sosospider|larbin) [NC]
RewriteCond %{REMOTE_ADDR} !^12\.34\.56\.78$
RewriteRule .* - [F,L]

# HTTP REQUIRED PAGES
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !(/login\.aspx|/securepage\.aspx).*$ [NC]
RewriteCond %{HTTP_HOST} (.+)
RewriteRule ^(.*)$ http://%2$1 [R=301,L]

# HTTPS REQUIRED PAGES
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} (/login\.aspx|/securepage\.aspx).*$ [NC]
RewriteCond %{HTTP_HOST} (.+)
RewriteRule ^(.*)$ https://%2$1 [R=301,L]

Nov 4, 2008 at 5:52 AM
I had to disable the last two RewriteRules becuase I discovered a flaw in the logic...  Specifically, the images and scripts were being bounced back and forth between HTTPS because each object request was matching the HTTP REQUIRED PAGES rule...  I am really looking for a suggestion on how to handle this issue...

Suggestions?
Nov 4, 2008 at 7:53 AM
So I updated the HTTP Rewrite rule with the following and it appears to works...

# HTTP REQUIRED PAGES
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !(/login\.aspx|/password-maker\.aspx|/metaweblog\.axd).*$ [NC]
RewriteCond %{REQUEST_URI} /.*(\.aspx).*$ [NC]
RewriteCond %{HTTP_HOST} (.+)
RewriteRule ^(.*)$ http://%3$1 [R=301,L]

Coordinator
Nov 4, 2008 at 1:52 PM
Thanks for the update I am creating Unit tests for all the issues you have brought up, to make sure everything works in the future as it should.

One thing to note though is that the following doesn't work in your config file.
RewriteOptions MaxRedirects=5
There isn't support for RewriteOptions yet.

I see that you got this working now.  Can you tell me in a perfect world how your mod_rewrite syntax should look, so I can update the corner cases that are missing.

Mar 4, 2009 at 11:09 PM
Does the MaxRedirects option work yet?
Mar 4, 2009 at 11:44 PM
Here is the latest version of my rewriter.rules file with the latest options and flags in case anyone needs some examples:
RewriteEngine On
RewriteOptions MaxRedirects=5
RewriteLogLevel 0
#RewriteLog "C:\Logfiles\UrlRewriter\rewrite.log"
RewriteBase /

# REQUIRE CORRECT URL FORMAT
RewriteCond %{HTTP_HOST} ^dscoduc\.com$
RewriteRule ^(.*)$     http://www.%1$1 [R=301,L]

# Redirect ~/ to ~/default.aspx
RewriteRule ^(.*)/$    $1/default.aspx [NC,NS,R=301,L]

# HTTP required pages
RewriteCond %{HTTPS} =on
RewriteCond %{HTTP_HOST} (.+)
RewriteCond %{REQUEST_URI} !(/login\.aspx).*$ [NC]
RewriteCond %{REQUEST_URI} !(/password-maker\.aspx).*$ [NC]
RewriteCond %{REQUEST_URI} !(/metaweblog\.axd).*$ [NC]
RewriteCond %{REQUEST_URI} /.*(\.aspx).*$ [NC]
RewriteRule ^(.*)$ http://%2$1 [R=301,L]

# HTTPS required pages
RewriteCond %{HTTPS} =off
RewriteCond %{HTTP_HOST} (.+)
RewriteCond %{REQUEST_URI} (/login\.aspx).*$ [NC,OR]
RewriteCond %{REQUEST_URI} (/password-maker\.aspx).*$ [NC,OR]
RewriteCond %{REQUEST_URI} (/metaweblog\.axd).*$ [NC]
RewriteRule ^(.*)$ https://%2$1 [R=301,L]

# Proxy category requests
RewriteRule ^/(security|personal|technology)     /category/$1.aspx [NC,P]

# Proxy resource requests
RewriteRule ^/(toolbox|resources|code)     /page/MyToolbox.aspx [NC,P]

# Redirect to Password Maker
RewriteRule ^/(password-maker|passwordmaker|password)     /page/Password-Maker.aspx [NC,P]
Coordinator
Mar 5, 2009 at 1:57 AM
No I never really unerstood what MaxRedirects was for.  Can you explain.
Mar 5, 2009 at 2:09 AM
Edited Mar 5, 2009 at 2:16 AM
It lets you adjust the default number of loops that are performed before the rewriter gives up... the default is 10 but you can adjust it down for testing, or up for more complex rewriting needs...
From the apache site...
In order to prevent endless loops of internal redirects issued by per-directory RewriteRules, mod_rewrite aborts the request after reaching a maximum number of such redirects and responds with an 500 Internal Server Error. If you really need more internal redirects than 10 per request, you may increase the default to the desired value.
Mar 6, 2009 at 7:41 AM
I need help, so here's the bottom line:

I'm hosting several domains on an IIS6 webserver.

I've got a ruby on rails site that I need to host on windows.
So I'm using mongrel ( see http://mongrel.rubyforge.org/) which is a webserver built in ruby.
I have one instance of mongrel running on port 7000 and I want to use this UrlRewriter to proxy or rewrite
the mongel data back through IIS6. I have other websites running on this server as well that are ASP.NET applications.

Rails apps generally are extension-less url paths. So how do I write rewrite rules for the following?

(For example)

IIS6 (what the user sees or types in their URL)                    Mongrel
http://www.MyWebSite.com                                                 http://localhost:7000      (note that the default for Rails App is index or / )
http://www.MyWebSite.com/cars                                         http://localhost:7000/cars
http://www.MyWebSite.com/boats                                       http://localhost:7000/boats
http://www.MyWebSite.com/houses                                     http://localhost:7000/houses
http://www.MyWebSite.com/details/5/4                               http://localhost:7000/details/5/3  (query string values)

How would I handle static pages separate from the dynamic MVC pages?

The server is a VPS server. I can NOT upgrade to IIS7 :(

I would appreciate some direct answers relating to the above scenarios...  that would really help me out.
I really need to get this solution working.

I think what you've done is great... I just want to know will it work for me.

Coordinator
Mar 6, 2009 at 12:09 PM
This is all you need inorder to proxy from your website to the localhost

RewriteRule ^/(.*)$    http://localhost:7000/$1 [P]

I don't know what you mean by static pages vs. MVC pages, they are handled the same way the server is going to handle them.  The reverse proxy can be thought of as just another browser.

Nick
Coordinator
Mar 6, 2009 at 12:11 PM
This discussion has been copied to a work item. Click here to go to the work item and continue the discussion.
Mar 6, 2009 at 10:05 PM
 RewriteRule ^/(.*)$    http://localhost:7000/$1 [P]
does not work.

Will it help if i create a short screencast to show my issue?

Let me know.
Coordinator
Mar 8, 2009 at 3:20 PM
Edited Mar 8, 2009 at 3:21 PM
Sure if you think it would help.

Also make sure you have wildcard support enabled in IIS 6.0.  It shows how to set this up in the ReadMe.txt.
Mar 9, 2009 at 2:48 AM
I added wildcard support in IIS 6.0 according to your readme and I'm happy to report...
IT WORKS!!!

This means that one can run Ruby on Rails with mongrel, or thin and proxy through IIS!!!
I don't have to buy/run a separate linux server to host my ruby solutions.

Thanks. Thanks. Thanks!
Coordinator
Mar 9, 2009 at 1:51 PM
Glad it worked for you.  Pass it on to your community.
Apr 6, 2009 at 12:24 PM
Hello

I have a problem to make Rewriter and Reverse Proxy works.

Here is the situation

IIS 7                Non IIS server    
http://www.xxxx.com/test  ->    http://localhost:495/test

I have this rule

RewriteEngine on
RewriteBase test
RewriteRule ^(.*)$ http://localhost:495/test$1 [P]

is this good ?
i want to redirect only the traffic from iis /test

Thanks

Coordinator
Apr 6, 2009 at 2:09 PM
Please stop tacking on to old threads.  Start a new one if you have a problem, it is easier to track that way.

It looks ok, but try this instead, since you only have one rule

RewriteEngine on
RewriteRule ^/test(.*)$ http://localhost:495/test$1 [P]