Reputation: 41550
Rewrite rule to HTTPS except when on localhost
I am using the answer given here as the basis for trying to add a rewrite rule to my web.config file. I want it to match any url that is not running on localhost in order to force https.
Here is what I have right now:
<system.webServer>
<rewrite> <!-- force https - https://stackoverflow.com/a/15119044/51 -->
<rules>
<rule name="Redirect HTTP to HTTPS" stopProcessing="true">
<match url="^((?!localhost).)*$"/>
<conditions>
<add input="{HTTPS}" pattern="^OFF$"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther"/>
</rule>
</rules>
</rewrite>
</system.webServer>
I am trying to use a negative lookaround in order to only match url's that do not include "localhost" within the url. But this is not working.
So how should this rule be set up in order to only rewrite non-localhost url's?
Upvotes: 43
Views: 19928
Answers (3)
Reputation: 2918
Regular expression updated, this works for me, with a custom Port
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="(localhost)(:\d+)" negate="true" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="(127.0.0.1)(:\d+)" negate="true" />
Upvotes: 0
Reputation: 3190
Adding to anubhava's answer, you can replace the add element for localhost with the following 2 entries to cater for both localhost and 127.0.0.1 with optional ports e.g localhost:59400 which is the case when debugging through visual studio and IIS
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^localhost(:\d+)?$" negate="true" />
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^127\.0\.0\.1(:\d+)?$" negate="true" />
With the original answer, localhost:123 would be redirected to https which may not be desirable.
Upvotes: 59
Reputation: 785651
Try this condition:
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" stopProcessing="true">
<match url="^(.*)$"/>
<conditions>
<add input="{HTTPS}" pattern="^OFF$"/>
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^localhost$" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther"/>
</rule>
</rules>
</rewrite>
</system.webServer>
Using a negate condition against the localhost pattern should do the trick.
Upvotes: 59
Related Questions
- IIS URL Rewrite https rule ignoring localhost
- Web.config URL Rewrites - HTTPS and Non-WWW
- URL Rewrite Force to https except one domain
- IIS rewrite rule with exact match https url results in error
- "non-www to www" and "https" rewrite rule in web.config but not localhost ASP.NET MVC
- IIS Rewrite Rule in web.config to redirect HTTPS requests to HTTP
- IIS rewrite rule to redirect https to http not working
- Web.config webServer rewrite rules for local and remote
- Rewrite rule to WWW except when on localhost
- rewrite rule not redirecting http to https