Problem
We currently have two ASP.NET MVC projects being served up from a Windows Server 2012 R2 with IIS 8.5 like so:
foohosted onserver.com/foobarhosted onserver.com/bar
However, the code of these projects is nearly identical so we're in the process of consolidating them. Ideally, we'd have
commonhosted onserver.com/common(which would only be used internally)- IIS rewrite rule
^foo(.*)$→common{R:1}so it appears to be hosted onserver.com/foo - IIS rewrite rule
^bar(.*)$→common{R:1}so it appears to be hosted onserver.com/bar
We've set up the new common project and it's working fine on server.com/common, however, when we enabled the rewrite rules, anything trying to navigate to server.com/foo or /bar will produce a 403 error, specifically:
Troubleshooting
I'm pretty sure this is not an issue with my pattern/replacement strings, because if I change the rule type to Redirect, it produces the desired destination URL.
If I create a IIS rewrite rule ^common/test(.*)$ → common{R:1} then the common code runs correctly, but ^common-test(.*)$ → common{R:1} fails, so there's something preventing common from being served from any URL other than /common.
What's confusing here is that there is another application which does a similar thing with /baz and /qux being rewritten to a shared application, /other. If I point ^foo(.*)$ → other{R:1} it works fine (though of course, it executes the wrong application code). I'm unable to identify any other relevant differences between these two applications that would cause this. In fact, I copied nearly all the Web.config file from other and still saw the same behavior.
I've also exhausted these other potential solutions:
- IIS URL Rewrite : 403 - Forbidden: Access is denied - Require SSL is disabled site-wide; we handle SSL at the ingress. Also, for all of these applications, we only use anonymous authentication.
- Unable to get anything except 403 from a .Net 4.5 website - I enabled this option and didn't see any change.
What else could be causing this? I'd appreciate any pointers.
