We Keep Coding

The .NET Core feature AllowedHosts is not working

I have a micro service built on .net core v3 and hosted in the ATIKA domain which is on a virtual machine of Azure. I want to access hosted API from the IVKLA domain only and other than this domain should get 400 status code.
So in allow host is taken care in the appsettings file
"AllowedHosts": "IVKLA.com"
Even with this setting, however, I am getting 400 status code from any Postman request made from IVKLA domain computers.
I have tried other forum posts but still did not got any proper answer.
The information below was last updated on October 21, 2022.
As suggested, I have tried using URL ReWrite in IIS server. I Was able to block the IP and getting 403 forbidden status.
But when I have try to white list an IP I am getting
"500URL Rewrite Module Error"
This is the URL rewrite from web.config
<rewrite>
<rewriteMaps>
<rewriteMap name="Authorized Admin IPs">
<add key="1.2.3.4" value="1" />
</rewriteMap>
</rewriteMaps>
<rules>
<rule name="Authorized admin" patternSyntax="Wildcard">
<match url="*" />
<conditions logicalGrouping="MatchAny">
<add input="{Authorized Admin IPs:{REMOTE_ADDR}}" pattern="1" />
<add input="{REMOTE_ADDR}" pattern="*.*.*.*" />
</conditions>
<serverVariables>
<set name="HTTP_X_AUTHORIZED_ADMIN" value="yes" />
</serverVariables>
<action type="None" />
</rule>
<rule name="un Authorized users" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern=".*" />
<add input="{HTTP_X_AUTHORIZED_ADMIN}" pattern="yes" />
</conditions>
<action type="CustomResponse" statusCode="403" statusReason="forbidden" statusDescription="forbidden" />
</rule>
</rules>
</rewrite>

URL Rewriting in IIS with Express

I want to rewrite all images to a different folder. I'm using IIS and have configured a rule in the web.config to redirect all requests to a node.js file as follows:
<rewrite>
<rules>
<rule name="img">
<match url="\/(.*).img" />
<action type="Rewrite" url="/handlers/img.js" />
</rule>
</rules>
</rewrite>
All requests are now being sent to the img.js file, where based on a condition, I want to redirect to another image file. But IIS now sends that file to the img.js and it ends up as a loop. Is there any way out of this loop?

You could try the below thing to resolve the issue:
set the condition to do not match the pattern:
<conditions>
<add input="{REQUEST_URI}" pattern="\/(.*).img.js" negate="true" />
</conditions>
or set <rule name="img" stopProcessing="true">
<rule name="img" stopProcessing="true">
<match url="\/(.*).img" />
<conditions>
<add input="{REQUEST_URI}" pattern="\/(.*).img.js" negate="true" />
</conditions>
<serverVariables />
<action type="Rewrite" url="/handlers/img.js" logRewrittenUrl="true" />
</rule>

IIS 10 (server 2016) SSL redirect to www. and .se

I have a site with multiple domainnames and have just implemented an ssl certificate to the site. but there is a problem when redirecting the incomming requests.
I want to configure it so all requests should redirect to one singel domainname (https://www.barnensbibliotek.se).
The ssl cert is for *.barnensbibliotek.se and www.barnensbibliotek.se and the other domainnames should just redirect to them regardless if the are http or https
i would like to redirect all other domainnames for barnensbibliotek like: barnensbibliotek.se, barnensbibliotek.com and www.barnensbibliotek.com (.info, .org, .nu, .net) to the https://www.barnensbibliotek.se.
I used this code in the web.config (this code works for www.barnensbibliotek.se but not for the others)
<rewrite>
<rules>
<rule name="Redirect to https" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" negate="false" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
Is there a way to solve this?

This problem was solved widt this code:
<rewrite>
<rules>
<rule name="http: to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>

IIS 8 Redirect to HTTPS Based on URL Address

Assume my server ip address was : http://192.168.1.100 (NON SSL)
And my domain name was : https://helloserver.com (SSL)
If someone was to access my website via the domain helloserver.com the server should automcatically redirect it to HTTPS.
I've managed to get that done by applying the below rule
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Permanent"
url="https://{HTTP_HOST}/{R:1}" />
</rule>
But however if someone access the website from the IP Address itself, it'll give a certificate error because the ip address doesn't have a certificate.
How can i modify the below rule in away that when the IP Address is used to access the website it would use HTTP instead of the redirected HTTPS rule
I'm guessing it has something to do with <match url="" /> condition.
Any idea's?

<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
<add input="{HTTP_HOST}" pattern="^helloserver.com$" />
</conditions>
<action type="Redirect" redirectType="Permanent"
url="https://{HTTP_HOST}/{R:1}" />
</rule>

Preserving URL when using SSL Redirect for multiple websites pointing to same folder

I have multiple websites pointing to a central folder (IIS 7.5)
company1.domain.com/wo pointing to D:\inetpub\wo
company2.domain.com/wo pointing to D:\inetpub\wo
company3.domain.com/wo pointing to D:\inetpub\wo
All the websites work for both HTTP and HTTPS (if typed manually). However, the sites have to connect via HTTPS. I want to setup automatic SSL redirect to but am having issues. I created URL Rewrite rule but since this is only one webconfig file the URL redirects to only one website (not maintaining the URL).
How do I setup SSL redirect so that the URLs are preserved and all websites point to the same folder?
Any assistance will be greatly appreciated.
Thanks

You should include the host header when checking if HTTPS is enabled and then redirect to the https URL for the appropriate domain.
Here's an example:
<rewrite>
<rules>
<clear />
<rule name="Force HTTPS - www.domain1.com" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" negate="true" pattern="^ON$" />
<add input="{HTTP_HOST}" pattern="\.domain1\.com$" />
</conditions>
<action type="Redirect" url="https://www.domain1.com{REQUEST_URI}" appendQueryString="false" redirectType="Permanent" />
</rule>
<rule name="Force HTTPS - www.domain2.com" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" negate="true" pattern="^ON$" />
<add input="{HTTP_HOST}" pattern="\.domain2\.com$" />
</conditions>
<action type="Redirect" url="https://www.domain2.com{REQUEST_URI}" appendQueryString="false" redirectType="Permanent" />
</rule>
<!-- add more rules for other domains if needed -->
</rule>
</rules>
</rewrite>
You can add as many rules for domain names as you want.
EDIT: Sorry, I misread your question. In that case it's even simpler:
<rewrite>
<rules>
<clear />
<rule name="Force HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{HTTPS}" negate="true" pattern="^ON$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
No need to check for the host header, just include the host name in the redirect. You only have to make sure that you have SSL certificates for all domain names.