Compartilhar via


IIS URL Rewrite - 如何建立 HTTP 轉 HTTPS 及 Reverse Proxy

IIS URL Rewrite功能可用來快速建立低成本的Reverse Proxy伺服器,透過web.config 或 IIS UI設定就可以完成所有設定。

我挑出兩個最常用的功能: HTTP 轉 HTTPS 及 Reverse Proxy,提供作法給各位參考。

建立 HTTP 轉 HTTPS 規則:  

1. 在需要設定HTTP轉HTTPS的IIS 站台或是虛擬目錄上,選擇URL Rewrite功能。

圖一, IIS URL Rewrite功能

 

2.  新增Inbound Rule,請參考下圖設定Pattern, Condition 及 Action,簡單的三個設定,就可以將https://aaa.com/bbb 訪問,轉換為https://aaa.com/bbb 

圖二, URL Rewrite Inbound Rule

 

建立 Reverse Proxy 規則:  

建立Reverse Proxy是為了保護內部的content server,這表示使用者並不會知道內部content server實際的IP, Port等資訊,因此Reverse Proxy的關鍵在於Outbound Rule的設定。

Outbound Rule是用來調整送出給使用者的網頁內容,將與content server有關的內容,置換為Reverse Proxy的內容,由於網頁內容五花八門,提供下列萬用Outbound Rule 希望對各位有幫助。

Note: 請修改對應目錄中的web.config檔案,下列設定以https://aaa.com/bbb 作為範例。

 <outboundRules>     <rule name="RestoreAcceptEncoding" preCondition="NeedsRestoringAcceptEncoding">                    <match serverVariable="HTTP_ACCEPT_ENCODING" pattern="^(.*)" />                    <action type="Rewrite" value="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" />                </rule>                <rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Img, Input, Link, Script" pattern="^http(s)?://InternalContentServerIP/folder/(.*)" />                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true" />                    <action type="Rewrite" value="https://aaa.com/bbb/{R:2}" />                </rule>                <rule name="RewriteResponseLocation" stopProcessing="true">                    <match serverVariable="RESPONSE_Location" pattern="^http(s)?://InternalContentServerIP/folder/(.*)" />                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true" />                    <action type="Rewrite" value="https://aaa.com/bbb/{R:2}" />                </rule>                <rule name="RewriteRelativePath1-1" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Img, Input, Link, Script" pattern="^/bbb/(.*)" negate="false" />                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true" />                    <action type="Rewrite" value="/bbb/{R:1}" />                </rule>                <rule name="RewriteRelativePath1-2" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^http(s)?://(.*)" negate="false" />                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true" />                    <action type="Rewrite" value="{R:0}" />                </rule>                <rule name="RewriteRelativePath1-3" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^mailto:(.*)" negate="false" />                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true" />                    <action type="Rewrite" value="{R:0}" />                </rule>                <rule name="RewriteRelativePath1-4" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^javascript:(.*)" negate="false" />                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true" />                    <action type="Rewrite" value="{R:0}" />                </rule>                <rule name="RewriteRelativePath1" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^/(.*)" negate="false" />                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true" />                    <action type="Rewrite" value="{R:1}" />                </rule>                <rule name="RewriteRelativePath2-2" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^bbb/(.*)" negate="false" />                    <conditions logicalGrouping="MatchAny" trackAllCaptures="true" />                    <action type="Rewrite" value="{R:1}" />                </rule>                <rule name="RewriteRelativePath2-1" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^(.*)" negate="false" />                    <conditions logicalGrouping="MatchAny" trackAllCaptures="true">                        <add input="{REQUEST_URI}" pattern="bbb/" />                    </conditions>                    <action type="Rewrite" value="./{R:1}" />                </rule>                <rule name="RewriteRelativePath2" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="^(.*)" negate="false" />                    <conditions logicalGrouping="MatchAny" trackAllCaptures="true">                        <add input="{REQUEST_URI}" pattern="bbb/(.*)" />                    </conditions>                    <action type="Rewrite" value="/bbb/{R:1}" />                </rule>                                <rule name="RewriteRelativePath3" preCondition="ResponseIsHtml1" enabled="true" stopProcessing="true">                    <match filterByTags="A, Area, Base, Form, Frame, Head, IFrame, Img, Input, Link, Script" pattern="(.*)" negate="false" />                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true">                        <add input="{REQUEST_FILENAME}" pattern="bbb/(.*)" negate="true" />                    </conditions>                    <action type="Rewrite" value="/bbb/{R:1}" />                </rule>                               <preConditions>                    <preCondition name="ResponseIsHtml1" logicalGrouping="MatchAny">                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/plain" />                    </preCondition>                    <preCondition name="NeedsRestoringAcceptEncoding">                        <add input="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" pattern=".+" />                    </preCondition>                </preConditions>
 </outboundRules>

 

Enjoy!