Serve specifics request in dedicated server for same domain - asp.net-core

Asp.net Core App in IIS with its own domain served in two balanced servers.
Is it possible to have a specific controller attended in a third server only, but under the same domain?
Let's say http://MyApp.com/MyBusyController served in the third server and the rest of the app in the other two?
The reason for this is that this controller will be doing some heavy operations and it's going to get very busy, and don't want to degrade the other two servers, but have to be under the same domain.

You can use ARR load balance instead. So that URL rewrite rule can be used to manage the load balance.
https://learn.microsoft.com/en-us/iis/extensions/configuring-application-request-routing-arr/http-load-balancing-using-application-request-routing
You can create default inbound ARR_loadbalance rule and exclude the request to MyBusyController:
<rule name="ARR_MyWebFarm_loadbalance" enabled="false" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<action type="Rewrite" url="http://MyWebFarm/{R:0}" />
<conditions>
<add input="{REQUEST_URI}" pattern="MyBusyController" negate="true" />
</conditions>
</rule>
Then you can create reverse proxy rule for specific controller MyBusyController:
https://learn.microsoft.com/en-us/iis/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing

Related

How to ignore HTTPS Only Azure Appservice custom domain setting for Always on

I have a ASP.Net Core 2.2 site running as an Azure AppService. As part of the configuration, I have a custom domain with the HTTPS only setting turned on.
I also have the Always on setting turned on on my Appservice.
According to this article
https://ruslany.net/2017/11/most-common-deployment-slot-swap-failures-and-how-to-fix-them/ the Always on setting will be ignored when HTTPS only is on and as a result, my site is always doing a cold start with the first call.
According to the same article, a rule condition can be set in the web.config to not process the Redirect to HTTPS rule if a {warmup_request} is processed.
However, my HTTPS only is set on the custom domain in Azure and not as a rule in the web.config.
I am setting RouteOptions in startup.cs with the following code:
services.Configure<RouteOptions>(options =>
{
options.LowercaseUrls = true;
});
and believe that the rule condition can be done here as well using options.ConstraintMap() but I am unsure as to the syntax or method required to represent the following:
<match url="(.*)" />
<conditions>
<add input="{WARMUP_REQUEST}" pattern="1" negate="true" />
<add input="{REMOTE_ADDR}" pattern="^100?\." negate="true" />
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
Any help on how to do this will be appreciated
Thanks
From the time this article was written the "https only" has been added as a built-in feature of app services so there is no need to use this rewrite rule anymore.
As to how to minimize the cold start for your application - you may want to consider adding appinit configuration to the web.config as described in App Service Warm-Up Demystified

URL Rewrite Rule: HTTP to HTTPS Not Working in IIS 8 2016 Server: ERR_INVALID_REDIRECT

I installed a godaddy SSL certificate. All these urls work in the browser:
"park.mydomain.com", "http://park.mydomain.com", "https://park.mydomain.com". The first two show unsecured and the last secured. In the bindings I have two entries. One [https park.mydomain.com port 443] and the other is [http park.mydomain.com port 80]. I installed URL rewrite and added a rule from this link: here. Now, if I type the first or the second url the browser says not found ERR_INVALID_REDIRECT. Only the third one that is https:park.mydomain.com works. If I disable the rule all three work again. What is wrong ? Why is it not redirecting ? The 2016 server with IIS is hosted in azure
<rewrite>
<rules>
<rule name="http_https" enabled="false" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_POST}/{R:1}" appendQueryString="false" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
The redirection was setup correctly. The problem was on the type of certificate that I had installed, that was for one domain only.

Trying to access UpSource over https via IIS Reverse Proxy returns an empty page

I am currently trying to set up various Jetbrains services for use via https by using an IIS reverse proxy. The complete intended setup should looks somewhat like this:
TeamCity: https://server.company.com -> http://server.company.com
YouTrack: https://server.company.com/youtrack/ -> http://server.company.com:1234/issues/
Hub: https://server.company.com/hub/ -> http://server.company.com:5678/hub/
UpSource: https://server.company.com/upsource/ -> http://server.company.com:9876
I have already gotten this to work, with some difficulty, for TeamCity and YouTrack by using the following configuration:
In IIS, I have a TeamCity website that serves as a redirect. The web.config of that site currently looks as follows:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name="Reverse Proxy to TeamCity" stopProcessing="true">
<match url="^teamcity/(.*)" />
<action type="Rewrite" url="http://server.company.com/{R:1}" />
</rule>
<rule name="Reverse Proxy to YouTrack" stopProcessing="true">
<match url="^youtrack/(.*)" />
<action type="Rewrite" url="http://server.company.com:8080/issues/{R:1}" />
</rule>
<rule name="Reverse Proxy to Hub" stopProcessing="true">
<match url="^hub/(.*)" />
<action type="Rewrite" url="http://server.company.com:8082/hub/{R:1}" />
</rule>
<rule name="Reverse Proxy to UpSource" stopProcessing="true">
<match url="^upsource/(.*)" />
<action type="Rewrite" url="http://server.company.com:8081/{R:1}" />
</rule>
<rule name="Reverse Proxy to Collaboration General" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://server.company.com/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
In addition, I have configured the following server variables as described in the documentation:
HTTP_X_FORWARDED_HOST
HTTP_X_FORWARDED_SCHEME
HTTP_X_FORWARDED_PROTO
However, when trying to access UpSource via https://server.company.com/upsource/, all I get is an empty page titled "Upsource". No error message. Not even a Fav Icon. Accessing UpSource via http://server.company.com:8081/ still works as normal though.
I have also already tried running the following chain of commands:
upsource.bat stop
upsource.bat configure --listen-port 8081 --base-url https://server.company.com:443/upsource/
upsource.bat start --J-Dbundle.websocket.compression.enabled=false
However, that did just caused the problem to change to:
HTTP ERROR: 404
Problem accessing /bundle/starting. Reason:
Not Found
Powered by Jetty:// 9.3.20.v20170531
How can I set up UpSource to work like TeamCity and Hub are already doing?
Any help on this would be greatly appreciated.
With some help of a YouTrack support employee helping with a related YouTrack error, I was able to figure out the reason behind this issue.
The reason is this: When accessing UpSource via https using a path for the redirect, the path needs to be the same in both the http and https variants.
In short, this will not work:
https://server.company.com/upsource -> http://server.company.com:9876
But this will:
https://server.company.com/upsource -> http://server.company.com:9876/upsource
I got this to work by running the following configurational command on the upsource.bat in [InstDir]/bin:
upsource.bat configure --listen-port 9876 --base-url http://server.company.com:9876/upsource
Now I can at the very least connect to and log in to UpSource via https. There's still a problem, but since it's unrelated to the topic of this question, I will create a separate question for it.
Note: on IIS 8.5 set HTTP1.1 at ARR PROXY-Settings. Otherwise the websocket connects, but there's no communication.
upsource v. upsource-2018.2.1291
https://www.jetbrains.com/help/upsource/proxy-configuration.html#IISreverseProxy

Azure Cloud Service redirect http to https not working (tried answers on many links)

I'm trying to do the 'simple' task of redirecting/rewriting traffic from http to https, I have one endpoint in a CloudService which is correctly configured for SSL.
I've tried many IIS rewrite rules, like the one below, but none are working. I've also tried setting up the rules via remote desktop on the IIS 8 server directly which also doesn't work.
When I enter any tag in the Azure web.config file the rewrite tag has a blue line under it with a message saying it is invalid under <system.webServer> :
<system.webServer>
...
<rewrite>
<rules>
<rule name="RedirectToHTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{SERVER_NAME}/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
</system.webServer>
Any advice is much appreciated.
In order for these rules to work you have to configure both the endpoints - HTTP and HTTPS !!
If you have not configured plain HTTP endpoint on port 80, your server will never be hit by an Internet traffic, so rewrite rules will never trigger.Thus you get the timeout when you try opening the domain over plain HTTP. There is simply no process listening on port 80 when you haven't defined endpoint for it.

https://www.mydomain.com and https://mydomain.com go to different pages

Web Server: IIS 6.0 (ASP.Net 4.0)
I host two sites: one is the main web site and the other is the store site. Each are separate web sites in IIS. Each share the same wildcard SSL certificate. The store site uses a Host Header (store.mydomain.com) to direct traffic to it.
I want it so any URL used without the sub-domain "store" directs the user to the main web site, not the store web site.
The problem I'm experiencing is that the following URL always directs users to the default.aspx page on the store web site:
https://www.mydomain.com
Yet, these URLs correctly go to the main page on the main web site:
http://mydomain.com
http://www.mydomain.com
https://mydomain.com
What's up with the https://www that directs users to different page?
I have added a rewrite rule in the web.config file for both sites but it doesn't have any effect:
<rewrite>
<rules>
<rule name="Consistent Domain" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions>
<add input="{HTTP_HOST}" pattern="^mydomain.com$" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="http://www.mydomain.com/{R:1}" />
</rule>
</rules>
</rewrite>
First, are you sure this is IIS6? The URLRewrite feature is part of IIS7 and would have no effect under IIS6 if present. If this is IIS6 that may well be the answer to your question.
That aside, it is difficult to answer this based on the data given. It is possible that the bindings of the sites is incorrect and resulting in the traffic going to a site you don't expect.