0

I'm trying to do a redirect from http to https on IIS 8.5 for a specific site. I followed the instructions here (and here), copying the exact web.config file in the answer. I'm getting a, "too many redirections", error in all browsers when the top rule is enabled. Disabling that rule stops the error.

The site "bindings..." has both ports 80 and 443 configured and a valid cert is assigned to the 443 binding. The 'URL Rewrite' module is installed.

This Win 2012 VM is behind an F5 load balancer which I have no access to other than opening tickets to the data center.

The goal is to redirect all http requests to https for this particular site. This site is just a test site with a static index.html document.

The exact web.config is this:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="HTTP to HTTPS redirect" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="off" ignoreCase="true" />
                    </conditions>
                    <action type="Redirect" url="https://{HTTP_HOST}/{R:1}"
                        redirectType="Permanent" />
                </rule>
            </rules>
            <outboundRules>
                <rule name="Add Strict-Transport-Security when HTTPS" enabled="true">
                    <match serverVariable="RESPONSE_Strict_Transport_Security"
                        pattern=".*" />
                    <conditions>
                        <add input="{HTTPS}" pattern="on" ignoreCase="true" />
                    </conditions>
                    <action type="Rewrite" value="max-age=31536000" />
                </rule>
            </outboundRules>
        </rewrite>
    </system.webServer>
</configuration>
Andrew Schulman
  • 8,561
  • 21
  • 31
  • 47
mindmischief
  • 162
  • 2
  • 2
  • 9
  • 1
    If your web server is behind an F5 load balancer it might be that the F5 is also doing SSL termination. Then all TLS traffic from the outside will appear as plain http on your web server. Redirecting to https on the web server , rather than on the F5, will then also happen when the client is already connected via https ... That causes an infinite redirect loop. – HBruijn May 17 '18 at 23:15
  • @HBruijn is there any way to test for this on the IIS server to confirm or do I need to talk to the data center? thx! – mindmischief May 18 '18 at 15:35

1 Answers1

2

My IIS servers are behind an F5 load balancer which was causing this. I had the Data Center manage all redirection from http to https on their end.

mindmischief
  • 162
  • 2
  • 2
  • 9