Press Ctrl / CMD + C to copy this to your clipboard.
This post will be reported to the moderators as potential spam to be looked at
Hi,
I'm experiencing some problems when re-writing URLs to SSL. I'm using Umbraco v4 on IIS7. I've set IIS to use the classic ASP.NET pipeline.
We want to secure the following areas of the site:
/umbraco/
/contact/
/contact2/
When a user leaves contact and contact2 it should re-direct to the insecure site.
I have tried this using the IIS re-writer in IIS7 using the following rules:
<rules> <clear /> <rule name="redirect 2insecure" stopProcessing="true"> <match url="(^umbraco/|^contact/|^contact2/)" negate="true" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{HTTPS}" pattern="on" /> </conditions> <action type="Redirect" url="http://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" /> </rule>
<rule name="redirect 2secure" stopProcessing="true"> <match url="(^umbraco/|^contact/|^contact2/)" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{HTTPS}" pattern="off" /> <add input="{URL}" pattern="imagegen.ashx" negate="true" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" /> </rule></rules>
This breaks the umbraco interface and means that content is not allowed to be inserted/uploaded.
I have also tried running with just the following:
<rules> <clear /> <rule name="redirect 2secure" stopProcessing="true"> <match url="(^umbraco/|^contact|^contact2/)" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{HTTPS}" pattern="off" /> <add input="{URL}" pattern="imagegen.ashx" negate="true" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" /> </rule></rules>
This also stops the site working correctly, i.e. cannot install umbraco modules.
Can anyone spot a mistake in my logic?
How do people normally secure Umbraco? Does the useSSL option in web.config work?
Any help greatly appreciated.
Many thanks
Rgds
Paul
is working on a reply...
This forum is in read-only mode while we transition to the new forum.
You can continue this topic on the new forum by tapping the "Continue discussion" link below.
Continue discussion
Redirecting umbraco and subfolders to SSL not working
Hi,
I'm experiencing some problems when re-writing URLs to SSL. I'm using Umbraco v4 on IIS7. I've set IIS to use the classic ASP.NET pipeline.
We want to secure the following areas of the site:
/umbraco/
/contact/
/contact2/
When a user leaves contact and contact2 it should re-direct to the insecure site.
I have tried this using the IIS re-writer in IIS7 using the following rules:
<rules>
<clear />
<rule name="redirect 2insecure" stopProcessing="true">
<match url="(^umbraco/|^contact/|^contact2/)" negate="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
</rule>
<rule name="redirect 2secure" stopProcessing="true">
<match url="(^umbraco/|^contact/|^contact2/)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="off" />
<add input="{URL}" pattern="imagegen.ashx" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
</rule>
</rules>
This breaks the umbraco interface and means that content is not allowed to be inserted/uploaded.
I have also tried running with just the following:
<rules>
<clear />
<rule name="redirect 2secure" stopProcessing="true">
<match url="(^umbraco/|^contact|^contact2/)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="off" />
<add input="{URL}" pattern="imagegen.ashx" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
</rule>
</rules>
This also stops the site working correctly, i.e. cannot install umbraco modules.
Can anyone spot a mistake in my logic?
How do people normally secure Umbraco? Does the useSSL option in web.config work?
Any help greatly appreciated.
Many thanks
Rgds
Paul
is working on a reply...
This forum is in read-only mode while we transition to the new forum.
You can continue this topic on the new forum by tapping the "Continue discussion" link below.