Press Ctrl / CMD + C to copy this to your clipboard.
This post will be reported to the moderators as potential spam to be looked at
Hi,
I'm experiencing some problems when re-writing URLs to SSL. I'm using Umbraco v4 on IIS7. I've set IIS to use the classic ASP.NET pipeline.
We want to secure the following areas of the site:
/umbraco/
/contact/
/contact2/
When a user leaves contact and contact2 it should re-direct to the insecure site.
I have tried this using the IIS re-writer in IIS7 using the following rules:
<rules> <clear /> <rule name="redirect 2insecure" stopProcessing="true"> <match url="(^umbraco/|^contact/|^contact2/)" negate="true" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{HTTPS}" pattern="on" /> </conditions> <action type="Redirect" url="http://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" /> </rule>
<rule name="redirect 2secure" stopProcessing="true"> <match url="(^umbraco/|^contact/|^contact2/)" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{HTTPS}" pattern="off" /> <add input="{URL}" pattern="imagegen.ashx" negate="true" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" /> </rule></rules>
This breaks the umbraco interface and means that content is not allowed to be inserted/uploaded.
I have also tried running with just the following:
<rules> <clear /> <rule name="redirect 2secure" stopProcessing="true"> <match url="(^umbraco/|^contact|^contact2/)" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{HTTPS}" pattern="off" /> <add input="{URL}" pattern="imagegen.ashx" negate="true" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" /> </rule></rules>
This also stops the site working correctly, i.e. cannot install umbraco modules.
Can anyone spot a mistake in my logic?
How do people normally secure Umbraco? Does the useSSL option in web.config work?
Any help greatly appreciated.
Many thanks
Rgds
Paul
is working on a reply...
Write your reply to:
Upload image
Image will be uploaded when post is submitted
Redirecting umbraco and subfolders to SSL not working
Hi,
I'm experiencing some problems when re-writing URLs to SSL. I'm using Umbraco v4 on IIS7. I've set IIS to use the classic ASP.NET pipeline.
We want to secure the following areas of the site:
/umbraco/
/contact/
/contact2/
When a user leaves contact and contact2 it should re-direct to the insecure site.
I have tried this using the IIS re-writer in IIS7 using the following rules:
<rules>
<clear />
<rule name="redirect 2insecure" stopProcessing="true">
<match url="(^umbraco/|^contact/|^contact2/)" negate="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
</rule>
<rule name="redirect 2secure" stopProcessing="true">
<match url="(^umbraco/|^contact/|^contact2/)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="off" />
<add input="{URL}" pattern="imagegen.ashx" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
</rule>
</rules>
This breaks the umbraco interface and means that content is not allowed to be inserted/uploaded.
I have also tried running with just the following:
<rules>
<clear />
<rule name="redirect 2secure" stopProcessing="true">
<match url="(^umbraco/|^contact|^contact2/)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="off" />
<add input="{URL}" pattern="imagegen.ashx" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
</rule>
</rules>
This also stops the site working correctly, i.e. cannot install umbraco modules.
Can anyone spot a mistake in my logic?
How do people normally secure Umbraco? Does the useSSL option in web.config work?
Any help greatly appreciated.
Many thanks
Rgds
Paul
is working on a reply...